WordPress Plugin Vulnerabilities

WordPress Appointment Schedule Booking System - Authenticated Stored XSS

Description

The wp-appointment-schedule-booking-system WordPress plugin was affected by an Authenticated Stored XSS security vulnerability.

Affects Plugins

Plugin icon
wp-appointment-schedule-booking-system
No known fix

References

URL
https://www.pluginvulnerabilities.com/2016/10/03/persistent-cross-site-scripting-xss-vulnerability-in-wordpress-appointment-schedule-booking-system/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3127de80-5461-4253-98eb-33c6b9a46963

Timeline

Publicly Published
2016-10-03 (about 9 years ago)
Added
2016-10-04 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2025-03-25
Title
Simple Social Media Share Buttons < 6.0.0 - Admin+ Stored XSS
Published
2015-06-18
Title
Erident Custom Login & Dashboard 3.4-3.4.1 - Stored Cross-Site Scripting (XSS)
Published
2022-06-27
Title
Contact Form 7 Captcha < 0.1.2 - Reflected Cross-Site Scripting
Published
2026-02-26
Title
WPZOOM Addons for Elementor < 1.3.5 - Reflected Cross-Site Scripting
Published
2024-06-06
Title
Photo Gallery by 10Web – Mobile-Friendly Image Gallery < 1.8.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG