Published: 22/08/2022 Updated: 25/08/2022
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

The Rezgo Online Booking WordPress plugin prior to 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rezgo rezgo online booking