Exploit for Appointment Hour Booking – WordPress Booking Plugin < 1.3.17 - Authenticated Stored XSS CVE-2021-24712

Name: Exploit for Appointment Hour Booking – WordPress Booking Plugin < 1.3.17 - Authenticated Stored XSS CVE-2021-24712
Rating: 5 (287 reviews)

2021-09-10 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:E677E51B-0D3F-44A5-9FCD-C159786B9926
* Open the Appointment Hour Booking Tab.
* Enter XSS payload  like "><script>alert(document.location)</script> in new calendar name field. and click on "add new" button.
* Go back to the Appointment Hour Booking Tab and select "Publish" for any calendar.
* The XSS payload will trigger on this page.