Vulnerabilities > Etoilewebdesign > Ultimate Appointment Booking Scheduling > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-26	CVE-2020-24313	Cross-site Scripting vulnerability in Etoilewebdesign Ultimate Appointment Booking & Scheduling Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "Appointment_ID" GET parameter before echoing it back out inside an input tag. network low complexity etoilewebdesign CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.