Vulnerabilities > TMS Outsource > Amelia > 1.0.69
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2023-6808 | Cross-site Scripting vulnerability in Tms-Outsource Amelia The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.93 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2023-12-28 | CVE-2023-50860 | Cross-site Scripting vulnerability in Tms-Outsource Amelia Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n/a through 1.0.85. | 5.4 |
| 2023-06-26 | CVE-2023-29427 | Cross-site Scripting vulnerability in Tms-Outsource Amelia Unauth. | 6.1 |