Cross-Site Scripting Vulnerability in Rezgo Plugin for WordPress
CVE-2014-4546
Currently unrated
Summary
The Rezgo plugin for WordPress suffers from a Cross-Site Scripting (XSS) vulnerability in its book_ajax.php file. This flaw allows remote attackers to exploit the response parameter, potentially injecting arbitrary web scripts or HTML. As a result, users visiting a compromised page could unknowingly execute malicious scripts, which could lead to session hijacking, data theft, or other types of exploitation.
References
Timeline
Vulnerability published
Vulnerability Reserved