CVE-2021-24429

moderate-risk
Published 2021-07-12

The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context.

Do I need to act?

~
1.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.1/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Salonbookingsystem

References (2)

Exploit https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a
Exploit https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a
32
/ 100
moderate-risk
Severity 23/34 · High
Exploitability 4/34 · Minimal
Exposure 5/34 · Minimal