๐ Advanced Booking Calendar Plugin up to 1.6.6 on WordPress GET Parameter calId cross site scripting
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability, which was classified as problematic, was found in Advanced Booking Calendar Plugin up to 1.6.6 on WordPress (Calendar Software). Affected is some unknown functionality of the component GET Parameter Handler. Upgrading to version 1.6.7 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at plugins.trac.wordpress.org. The best possible mitigation is suggested to be upgrading to the latest version. ...