Medium severity5.4NVD Advisory· Published Dec 6, 2021· Updated Jun 17, 2026
CVE-2021-24930
CVE-2021-24930
Description
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 20.3.1 does not escape the Staff Full Name field before outputting it back in a page, which could lead to a Stored Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Online Booking and Scheduling Plugindescription
- Range: <20.3.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/479704d8-057b-4642-b84a-4a78567ba20bnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.