#xss

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <= 6.2 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin <= 1.0.2.2 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rescue Themes Rescue Shortcodes plugin <= 2.5 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <= 3 theme.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.0.

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.

A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943.

A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-240944.

A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability.