Vulnerabilities > Wpamelia

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-23	CVE-2022-0834	Cross-site Scripting vulnerability in Wpamelia Amelia The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the lastName parameter found in the ~/src/Application/Controller/User/Customer/AddCustomerController.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user accesses the booking calendar with the date the attacker has injected the malicious payload into. network low complexity wpamelia CWE-79	5.4

Vulnerabilities > Wpamelia {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpamelia"}]}