Vulnerabilities > CVE-2021-36855 - Unspecified vulnerability in Bookingultrapro Booking Ultra PRO Appointments Booking Calendar
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://wordpress.org/plugins/booking-ultra-pro/
- https://wordpress.org/plugins/booking-ultra-pro/