518 matches found
WordPress Simply Schedule Appointments plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Marcin Dudek dudekmar - CERT.PL in WordPress Plugin Simply Schedule Appointments versions = 1.6.9.16...
EUVD-2025-198537
The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.96. This is due to the plugin exposing an unauthenticated booking processing endpoint cpabcappointmentscheckIPNverification that trusts attacker-supplied payment...
WordPress Booking for Appointments plugin input validation error vulnerability
WordPress Booking for Appointments plugin is a tool for implementing appointment management on WordPress websites. The WordPress Booking for Appointments plugin suffers from an input validation error vulnerability that stems from a lack of validation for the tslotapptemail AJAX action, which can ...
WordPress plugin Booking Plugin for WordPress Appointments 输入验证错误漏洞
WordPress Booking for Appointments plugin is a tool for implementing appointment management on WordPress websites. The WordPress Booking for Appointments plugin suffers from an input validation error vulnerability that stems from a lack of validation for the tslotapptemail AJAX action, which can ...
WordPress Easy Appointments plugin cross-site scripting vulnerability
WordPress Easy Appointments plugin is a free WordPress appointment management plugin, mainly used to create and manage service appointment system, support multi-location, multi-service, multi-staff appointment function. A cross-site scripting vulnerability exists in the WordPress Easy Appointment...
CVE-2025-49398
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
CVE-2025-49398
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
CVE-2025-49398
The CVE refers to CVE-2025-49398 targeting the WordPress plugin WordPress Easy Appointments (plugin name: Easy Appointments) with versions <= 3.12.14. The flaw is described as Improper Neutralization of Script-Related HTML Tags in a Web Page, leading to a Basic XSS/Content Injection vulnerabil...
CVE-2025-49398 WordPress Easy Appointments plugin <= 3.12.14 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
EUVD-2025-38010
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
CVE-2025-49398 WordPress Easy Appointments plugin <= 3.12.14 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
PT-2025-45211
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...
WordPress plugin Easy Appointments 安全漏洞
WordPress Easy Appointments plugin is a free WordPress appointment management plugin, mainly used to create and manage service appointment system, support multi-location, multi-service, multi-staff appointment function. A cross-site scripting vulnerability exists in the WordPress Easy Appointment...
CVE-2017-20206
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20206
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20206
The CVE-2017-20206 entry concerns the WordPress Appointments plugin (versions up to 2.2.1). The vulnerability is a PHP Object Injection via deserialization of untrusted input from the wpmudev_appointments cookie, allowing unauthenticated attackers to inject a PHP object. The documented impact ind...
CVE-2017-20206 Appointments <= 2.2.1 - Unauthenticated PHP Object Injection
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
CVE-2017-20206 Appointments <= 2.2.1 - Unauthenticated PHP Object Injection
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the wpmudevappointments cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this...
WordPress plugin Appointments 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
EUVD-2018-5013
Malware in sbrugna...