Persistent XSS Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes

Persistent XSS Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes

CVE-2019-20211 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website.

Learn more about our Wordpress Pen Testing.