cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-20212,https://securityvulnerability.io/vulnerability/CVE-2019-20212,,"The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form.",Wordpress,"Citybook,Easybook,Townhub",6.1,MEDIUM,0.003719999920576811,false,,false,false,false,,false,false,2020-01-13T17:44:57.000Z,0
CVE-2019-20211,https://securityvulnerability.io/vulnerability/CVE-2019-20211,,"The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website.",Wordpress,"Citybook,Easybook,Townhub",6.1,MEDIUM,0.005280000157654285,false,,false,false,false,,false,false,2020-01-13T17:39:09.000Z,0
CVE-2019-20210,https://securityvulnerability.io/vulnerability/CVE-2019-20210,,"The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query.",Wordpress,"Citybook,Easybook,Townhub",6.1,MEDIUM,0.006570000201463699,false,,false,false,false,,false,false,2020-01-13T17:16:15.000Z,0
CVE-2019-20209,https://securityvulnerability.io/vulnerability/CVE-2019-20209,,"The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.",Wordpress,"Citybook,Easybook,Townhub",7.5,HIGH,0.006440000142902136,false,,false,false,false,,false,false,2020-01-13T17:05:22.000Z,0
CVE-2014-4584,https://securityvulnerability.io/vulnerability/CVE-2014-4584,,Cross-site scripting (XSS) vulnerability in admin/editFacility.php in the wp-easybooking plugin 1.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the fID parameter.,Wordpress,WP-easybooking,,,0.0014299999456852674,false,,false,false,false,,false,false,2014-07-01T14:00:00.000Z,0