Lucene search
K

9 matches found

NVD
NVD
added 2025/12/19 7:16 a.m.10 views

CVE-2025-13754

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at /wp-json/ssa/v1/embed-inner-admin without...

5.3CVSS0.0032EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/19 6:48 a.m.3 views

CVE-2025-13754 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at /wp-json/ssa/v1/embed-inner-admin without...

5.3CVSS5.5AI score0.0032EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 6:48 a.m.21 views

CVE-2025-13754

The CVE-2025-13754 entry affects the WordPress plugin Simply Schedule Appointments (Appointment Booking Calendar) up to version 1.6.9.16. Root cause is unauthenticated access to the admin embed endpoint /wp-json/ssa/v1/embed-inner-admin, causing leakage of private configuration data (staff names,...

5.3CVSS5.5AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.7 views

PT-2025-52418

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.16. This is due to the plugin exposing its admin embed endpoint at /wp-json/ssa/v1/embed-inner-admin without...

5.3CVSS5.9AI score0.0032EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/17 1:48 a.m.5 views

CVE-2025-11369 Essential Blocks <= 5.7.2 - Missing Authorization To Authenticated (Author+) Information Disclosure

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access of data due to a missing or incorrect capability checks on the getinstagramaccesstokencallback, googlemapapikeysavecallback and getsiteinfo functions in all...

4.3CVSS4.6AI score0.00302EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/17 1:48 a.m.24 views

CVE-2025-11369 Essential Blocks <= 5.7.2 - Missing Authorization To Authenticated (Author+) Information Disclosure

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access of data due to a missing or incorrect capability checks on the getinstagramaccesstokencallback, googlemapapikeysavecallback and getsiteinfo functions in all...

4.3CVSS0.00302EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.9 views

PT-2025-51798

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access of data due to a missing or incorrect capability checks on the get instagram access token callback, google map api key save callback and get siteinfo functions i...

4.3CVSS5AI score0.00302EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.4 views

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.4 views

Jimoty 信任管理问题漏洞

Jimoty is a Web site of Jimoty Japan, Inc. It is used to provide help, information dissemination and other services to local people. Jimoty App for Android is vulnerable to a trust management issue, which exists due to hard-coded credentials in the application code. A local attacker could exploit...

3.3CVSS5.1AI score0.00203EPSS
Exploits0References4
Rows per page
Query Builder