Report
Multiple cross-site scripting (XSS) vulnerabilities in templates/default/index_ajax.php in the Rezgo Online Booking plugin before 1.8.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) tags or (2) search_for parameter.
Score:6.1
Severity:Medium
Version: 1.8.1
There is a patch available in v1.8.2 and we strongly recommend you update to this version as soon as possible.
