Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.5 views

CVE-2026-3045

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound publicnonce is exposed to unauthenticated users...

7.5CVSS5.8AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:55 p.m.6 views

CVE-2026-3045

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound publicnonce is exposed to unauthenticated users...

7.5CVSS0.0029EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/13 7:23 a.m.26 views

CVE-2026-3045 Appointment Booking Calendar <= 1.6.9.29 - Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API Endpoint

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound publicnonce is exposed to unauthenticated users...

7.5CVSS0.0029EPSS
Exploits0References5
CVE
CVE
added 2026/03/13 7:23 a.m.12 views

CVE-2026-3045

CVE-2026-3045 affects the WordPress plugin “Appointment Booking Calendar — Simply Schedule Appointments” (versions up to 1.6.9.29). The vulnerability stems from two weaknesses: (1) a non-user-bound public_nonce is exposed to unauthenticated users via the REST endpoint /wp-json/ssa/v1/embed-inner,...

7.5CVSS5.8AI score0.0029EPSS
Exploits0References5
Rows per page
Query Builder