Medium severity6.1NVD Advisory· Published May 10, 2023· Updated Jun 17, 2026
CVE-2023-27918
CVE-2023-27918
Description
Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.0.76
- Range: versions prior to 1.0.76
Patches
Vulnerability mechanics
References
2- jvn.jp/en/jp/JVN00971105/nvdThird Party Advisory
- wordpress.org/plugins/ameliabooking/nvdProduct
News mentions
0No linked articles in our index yet.