ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Simpel Reserveren 3 Plugin <= 3.5.2 - Cross Site Scripting (XSS)

Product
Simpel Reserveren 3
Description
Because of this vulnerability, the variable page appears to send unsanitized data back to the users browser. Vulnerable file is /simpel-reserveren/edit.php.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Vapid
CVE
Name CVE-2016-1000149
Versions
Affected In <= 3.5.2
Fixed In 3.5.3
Disclosure date
2016-04-12
Submitter
ThreatPress