Lucene search
K

4 matches found

CVE
CVE
added 2025/12/19 6:48 a.m.28 views

CVE-2025-13754

The CVE-2025-13754 entry affects the WordPress plugin Simply Schedule Appointments (Appointment Booking Calendar) up to version 1.6.9.16. Root cause is unauthenticated access to the admin embed endpoint /wp-json/ssa/v1/embed-inner-admin, causing leakage of private configuration data (staff names,...

5.3CVSS5.5AI score0.0032EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/19 6:48 a.m.3 views

CVE-2025-13754 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at /wp-json/ssa/v1/embed-inner-admin without...

5.3CVSS5.5AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.11 views

PT-2025-52418

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at /wp-json/ssa/v1/embed-inner-admin without...

5.3CVSS5.9AI score0.0032EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2016/05/12 1:5 a.m.10 views

domainbusinessnames.com XSS vulnerability

Vulnerable URL: http://www.domainbusinessnames.com/utils/UnSubscribeMe.bml?Name=JUSTXSSS=EstrellaWarBirdsNews=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

6.3AI score
Exploits0
Rows per page
Query Builder