Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2025/10/22 2:32 p.m.6 views

CVE-2025-49951 WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through = 1.14.1...

7.1CVSS0.00012EPSS
Exploits0References1
CVE
CVEadded 2025/10/22 2:32 p.m.2 views

CVE-2025-49951

CVE-2025-49951 affects the WordPress plugin gAppointments (versions up to and including 1.14.1). The vulnerability arises from improper neutralization of user input during web page generation, enabling a reflected Cross-Site Scripting (XSS) attack. Impact is cross-site scripting with potential da...

7.1CVSS6AI score0.00012EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2023-34171

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00091EPSS
Exploits1References1
Patchstack
Patchstackadded 2025/07/11 12:17 p.m.4 views

WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin gAppointments versions = 1.14.1...

7.1CVSS6.2AI score0.00012EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/23 3:30 a.m.7 views

CVE-2023-2705

The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...

6.1CVSS6.1AI score0.00153EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:53 a.m.2 views

CVE-2023-2707

The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00091EPSS
Exploits1References1
OSV
OSVadded 2023/11/27 5:15 p.m.1 views

CVE-2023-2707

The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/11/27 12:0 a.m.1 views

PT-2023-20932 · WordPress · Gappointments

Name of the Vulnerable Software and Affected Versions: gAppointments WordPress plugin versions 1.9.5.1 and earlier Description: The issue concerns the gAppointments WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...

4.8CVSS5.8AI score0.00091EPSS
Exploits1References5
Rows per page
Query Builder