3 matches found
WordPress Simply Schedule Appointments plugin <= 1.6.8.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Shortcodes vulnerability discovered by muhammad yudha in WordPress Plugin Simply Schedule Appointments versions = 1.6.8.30...
CVE-2025-4667
creationtimestamp| type| source ---|---|--- 2025-06-14 09:35:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18374 2025-06-14 13:20:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrl267osbc2u...
CVE-2025-4667
CVE-2025-4667 : The Appointment Booking Calendar — Simply Schedule Appointments WordPress plugin is vulnerable to stored cross-site scripting via the ssa_admin_upcoming_appointments, ssa_admin_upcoming_appointments, and ssa_past_appointments shortcodes in all versions up to 1.6.8.30. The root cau...