24 matches found
CVE-2025-49951
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...
EUVD-2025-35510
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...
CVE-2025-49951
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...
CVE-2025-49951 WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...
CVE-2025-49951 WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...
CVE-2025-49951
CVE-2025-49951 affects the WordPress plugin gAppointments (versions up to and including 1.14.1). The vulnerability arises from improper neutralization of user input during web page generation, enabling a reflected Cross-Site Scripting (XSS) attack. Impact is cross-site scripting with potential da...
PT-2025-43212
Name of the Vulnerable Software and Affected Versions gAppointments versions through 1.14.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This allows for Reflected XSS attacks...
EUVD-2023-34171
Malicious code in bioql PyPI...
WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin gAppointments versions = 1.14.1...
CVE-2023-2705
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2023-2707
The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2707
The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2707 Appointment booking addon for Gravity Forms <= 1.9.5.1 - Admin+ Stored XSS
The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2707
CVE-2023-2707 affects the gAppointments WordPress plugin (versions
WordPress plugin gAppointments security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2023-20932 · WordPress · Gappointments
Name of the Vulnerable Software and Affected Versions: gAppointments WordPress plugin versions 1.9.5.1 and earlier Description: The issue concerns the gAppointments WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...
CVE-2023-2705
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2023-2705
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
Cross site scripting
The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...