CVE-2022-1932 Information

Description

The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page leading to a Reflected Cross-Site Scripting which can be exploited either via a LFI in an AJAX action or direct call to the affected file

Reference

https://wpscan.com/vulnerability/005c2300-f6bd-416e-97a6-d42284bbb093