CVE-2020-9371: WordPress plugin vulnerability CVE Tracker Share this with people that should know this:Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML. References packetstormsecurity.com/files/156694/WordPress-Appointment-Booking-Calendar-1.3.34-CSV-Injection.html drive.google.com/open?id=1NNcYPaJir9SleyVr4cSPqpI2LNM7rtx9 wordpress.org/plugins/appointment-booking-calendar/#developers wpvulndb.com/vulnerabilities/10110 www.hotdreamweaver.com/support/view.php?id=815925 Share this with people that should know this: wordpress Data Retention Laws (Australia)
