Appointment Hour Booking – WordPress Booking Plugin < 1.3.17 – Authenticated Stored XSS | CVE 2021-24712 | Plugin Vulnerabilities

Description

The plugin does not properly sanitize values used when creating new calendars.

Proof of Concept

* Open the Appointment Hour Booking Tab.
* Enter XSS payload  like "><script>alert(document.location)</script> in new calendar name field. and click on "add new" button.
* Go back to the Appointment Hour Booking Tab and select "Publish" for any calendar.
* The XSS payload will trigger on this page.

Affects Plugins

appointment-hour-booking

Fixed in 1.3.17

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Shivam Rai

Submitter

Shivam Rai

Submitter twitter

Verified

Yes

WPVDB ID

e677e51b-0d3f-44a5-9fcd-c159786b9926

Timeline

Publicly Published

2021-09-10 (about 2 years ago)

Added

2021-09-10 (about 2 years ago)

Last Updated

2022-04-24 (about 2 years ago)

Other

Published

Title

Published

2023-08-23

Title

Easy Form by AYS < 1.2.1 - Admin+ Stored XSS

Published

2023-09-13

Title

Feeds for YouTube < 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Published

2021-09-20

Title

YITH WooCommerce Product Add-Ons < 2.1.0 - Authenticated Local File Inclusion

Published

2023-11-15

Title

Daily Prayer Time < 2023.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Published

2021-08-13

Title

jQuery Tagline Rotator <= 0.1.5 - Reflected Cross-Site Scripting