Cyc707

**Name of the Vulnerable Software and Affected Versions** The Pinpoint Booking System WordPress plugin versions prior to 2.9.9.4.8 **Description** The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed, for example, in a multisite setup. **Recommendations** For versions prior to 2.9.9.4.8, update to version 2.9.9.4.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** VikBooking Hotel Booking Engine & PMS WordPress plugin versions prior to 1.6.8 **Description** The issue allows an authenticated user with subscriber privileges or above to bypass authorization and access settings they shouldn't be allowed to. This is due to direct access to menus being permitted. **Recommendations** For versions prior to 1.6.8, update to version 1.6.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings of the VikBooking Hotel Booking Engine & PMS WordPress plugin to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** VikBooking Hotel Booking Engine & PMS WordPress plugin versions prior to 1.6.8 **Description** The access control mechanism in the VikBooking Hotel Booking Engine & PMS WordPress plugin fails to properly restrict access to its settings. This allows any users who can access a menu to manipulate requests and perform unauthorized actions, such as editing, renaming, or deleting categories, despite initial settings prohibiting such access. This issue resembles broken access control, enabling unauthorized users to modify critical configurations. **Recommendations** For versions prior to 1.6.8, update to version 1.6.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's settings menu to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GamiPress WordPress plugin versions prior to 6.8.9 **Description** The access control mechanism in the GamiPress WordPress plugin fails to properly restrict access to its settings. This allows Authors to manipulate requests and extend access to lower privileged users, such as Subscribers, despite initial settings prohibiting such access. The issue resembles broken access control, enabling unauthorized users to modify critical plugin configurations. **Recommendations** For versions prior to 6.8.9, update to version 6.8.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's settings to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Salon booking system WordPress plugin versions through 9.6.5 **Description** The issue concerns the lack of sanitization and escaping of some settings in the plugin, which could allow high-privilege users, such as Editors, to perform Stored Cross-Site Scripting attacks. This is possible even when the unfiltered html capability is disallowed, for example, in a multisite setup. **Recommendations** For versions through 9.6.5, update to a version that addresses this issue to prevent Stored Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Salon booking system WordPress plugin versions prior to 9.6.3 **Description** The issue arises from improper sanitization and escaping of the `Mobile Phone` field and `sms prefix` parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the "Bookings" page and the malicious script is executed in the admin context. **Recommendations** For versions prior to 9.6.3, update to version 9.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "Bookings" page for admins until the update is applied. Avoid using the `sms prefix` parameter in the booking process until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** My Calendar WordPress plugin versions prior to 3.4.24 **Description** The issue allows users with a role as low as Subscriber to perform Cross-Site Scripting attacks, depending on the permissions set by the admin. This is due to the plugin not sanitizing and escaping some parameters. **Recommendations** For versions prior to 3.4.24, update to version 3.4.24 or later to resolve the issue. As a temporary workaround, consider restricting the permissions of the Subscriber role to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Jobs for WordPress plugin versions prior to 2.7.4 **Description** The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks due to the plugin not sanitizing and escaping some parameters. **Recommendations** For versions prior to 2.7.4, update to version 2.7.4 or later to resolve the issue. As a temporary workaround, consider restricting the roles that can access the plugin's functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Spiffy Calendar WordPress plugin versions prior to 4.9.9 **Description** The issue allows any user to alter the `event author` parameter when creating an event, leading to deceiving users/admins that a page was created by a Contributor+. **Recommendations** For versions prior to 4.9.9, update to version 4.9.9 or later to resolve the issue. As a temporary workaround, consider restricting access to event creation to trusted users only until the update is applied.