CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

Easy!Appointments 安全漏洞

Easy!Appointments is a web-based appointment, scheduling management system from the individual developer Alex Tselegidis. A security vulnerability exists in Easy!Appointments version 1.5.1, which stems from a business logic issue that could lead to a denial of service...

CVE-2025-29448

CVE-2025-29448 affects Easy!Appointments v1.5.1. A booking logic flaw allows unauthenticated attackers to submit extremely long end_datetime values, enabling a denial of service by blocking all future booking availability. Technical details in connected docs show the impact as a DoS with availabi...

Easy!Appointments Denial of Service (DoS)

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

CVE-2025-31828

Cross-Site Request Forgery CSRF vulnerability in alextselegidis Easy!Appointments easyappointments allows Cross Site Request Forgery.This issue affects Easy!Appointments: from n/a through = 1.4.2...

CVE-2025-31828

Cross-Site Request Forgery CSRF vulnerability in alextselegidis Easy!Appointments easyappointments allows Cross Site Request Forgery.This issue affects Easy!Appointments: from n/a through = 1.4.2...

CVE-2025-31828

Cross-Site Request Forgery CSRF vulnerability in alextselegidis Easy!Appointments allows Cross Site Request Forgery. This issue affects Easy!Appointments: from n/a through 1.4.2...

CVE-2025-31828

CVE-2025-31828 is a CSRF vulnerability in Easy!Appointments affecting versions up to 1.4.2. The issue enables cross-site request forgery to change settings as described in the description. Public details in the initial document indicate a high-severity impact (CVSS v3.1 base 8.8) with network att...

CVE-2025-31828 WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in alextselegidis Easy!Appointments easyappointments allows Cross Site Request Forgery.This issue affects Easy!Appointments: from n/a through = 1.4.2...

CVE-2025-31828 WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in alextselegidis Easy!Appointments allows Cross Site Request Forgery. This issue affects Easy!Appointments: from n/a through 1.4.2...

WordPress plugin Easy!Appointments 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

CVE-2025-1119

CVE-2025-1119 affects the WordPress plugin “Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin” and allows unauthenticated attackers to execute arbitrary shortcodes via an improper validation of values before running do_shortcode. The issue impacts all versions up to and i...

CVE-2025-1119 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.8.5. This is due to the software allowing users to execute an action that does not properly validate a value...

WordPress Simply Schedule Appointments plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Luciano Hanna in WordPress Plugin Simply Schedule Appointments versions = 1.6.8.5...

CVE-2024-13431 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.3 - Reflected Cross-Site Scripting

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the accentcolor and background parameter in all versions up to, and including, 1.6.8.3 due to insufficient input sanitization and output escaping...

WordPress Simply Schedule Appointments plugin <= 1.6.8.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Luciano Hanna in WordPress Plugin Simply Schedule Appointments versions = 1.6.8.3...

WordPress plugin WP BASE Booking of Appointments, Services and Events 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress plugi...