6 matches found
CVE-2022-2373
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address...
CVE-2022-2373
creationtimestamp| type| source ---|---|--- 2022-08-29 22:34:25+00:00| seen| https://t.me/cibsecurity/49002...
CVE-2022-2373
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address...
CVE-2022-2373
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address...
CVE-2022-2373
The CVE-2022-2373 entry concerns the WordPress plugin Simply Schedule Appointments (before 1.5.7.7). The issue is missing authorization in a REST endpoint, enabling unauthenticated access to WordPress user details (name and email). Impact is information disclosure; base CVSS 3.1 score is 5.3 (MED...
CVE-2022-2373 Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address...