Vulnerabilities > Kibokolabs > Hostel > 0.9

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-0545 Unspecified vulnerability in Kibokolabs Hostel
The Hostel WordPress plugin before 1.1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
network
low complexity
kibokolabs
4.8
4.8
2019-05-27 CVE-2019-12345 Cross-site Scripting vulnerability in Kibokolabs Hostel
XSS exists in the Kiboko Hostel plugin before 1.1.4 for WordPress.
network
kibokolabs CWE-79
4.3
4.3