Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-12737

The WP BASE Booking of Appointments, Services and Events WordPress plugin before 5.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.6%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2024-12737
  • None » None » Version:
    _services_and_events:4.0.0
  • None » None » Version:
    _services_and_events:4.0.1
  • None » None » Version:
    _services_and_events:4.1.0
  • None » None » Version:
    _services_and_events:4.2.0
  • None » None » Version:
    _services_and_events:4.3.0
  • None » None » Version:
    _services_and_events:4.4.0
  • None » None » Version:
    _services_and_events:4.5.0
  • None » None » Version:
    _services_and_events:4.6.0
  • None » None » Version:
    _services_and_events:4.7.0
  • None » None » Version:
    _services_and_events:4.8.0
  • None » None » Version:
    _services_and_events:4.9.0
  • None » None » Version:
    _services_and_events:4.9.1
  • None » None » Version:
    _services_and_events:4.9.2
  • cpe:2.3:a:wp-base:wp_base_booking_of_appointments


Products
Pricing
Contact Us

Shodan ® - All rights reserved