Lucene search
K

1488 matches found

Nuclei
Nuclei
added 7 hours ago49 views

WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure

WordPress Simply Schedule Appointments plugin before 1.5.7.7 is susceptible to information disclosure. The plugin is missing authorization in a REST endpoint, which can allow an attacker to retrieve user details such as name and email address. id: CVE-2022-2373 info: name: WordPress Simply Schedu...

5.3CVSS6.2AI score0.01424EPSS
Exploits2References5
NVD
NVD
added yesterday4 views

CVE-2026-59523

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.11.11...

6.5CVSS0.00266EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57812

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.12.4...

6.5CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-57812

Summary: CVE-2026-57812 concerns the WordPress plugin “Simply Schedule Appointments.” In affected versions (up to and including 1.6.12.4), the issue is described as a Missing Authorization vulnerability caused by misconfigured access control within the Simply Schedule Appointments plugin, enablin...

6.5CVSS6.1AI score0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-57812 WordPress Simply Schedule Appointments plugin <= 1.6.12.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.12.4...

6.5CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-59523 WordPress Simply Schedule Appointments plugin <= 1.6.11.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.11.11...

6.5CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-59523

CVE-2026-59523 affects the WordPress plugin Simply Schedule Appointments (

6.5CVSS6.1AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 4 days ago6 views

CVE-2026-12955

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS0.00196EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42849

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References5
CVE
CVE
added 4 days ago6 views

CVE-2026-12955

The CVE-2026-12955 entry describes a vulnerability in the GDPR Cookie Consent plugin for WordPress (versions up to 4.3.6) where missing capability checks and nonce verification in the gdpr_cookie_consent_ajax_save_schedule_scan() function (wp_ajax_gcc_save_schedule_scan) allow authenticated users...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago8 views

CVE-2026-12955

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12955 Cookie Banner for GDPR / CCPA <= 4.3.6 - Missing Authorization to Authenticated (Subscriber+) Scan Schedule Modification via gcc_save_schedule_scan AJAX Action

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdprcookieconsentajaxsaveschedulescan function the wpajaxgccsaveschedulescan AJAX action in versions up to, and including, 4.3.6...

4.3CVSS0.00196EPSS
Exploits0References5
Patchstack
Patchstack
added 5 days ago4 views

WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.6 - Missing Authorization to Authenticated (Subscriber+) Scan Schedule Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Scan Schedule Modification vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.6...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 5 days ago5 views

WordPress Simply Schedule Appointments plugin <= 1.6.12.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by hio in WordPress Plugin Simply Schedule Appointments versions = 1.6.12.4...

6.5CVSS6.1AI score0.00332EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 5 days ago4 views

WordPress Simply Schedule Appointments plugin <= 1.6.11.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by anhcd05 in WordPress Plugin Simply Schedule Appointments versions = 1.6.11.11...

6.5CVSS6.1AI score0.00266EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/05 11:30 p.m.6 views

CVE-2026-14778

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/07/05 11:30 p.m.13 views

CVE-2026-14778

The CVE concerns SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerability is in the Enrollment Management component, specifically the /ajax_enroll.php file, where manipulation of the arguments student_id, schedule_id, or action leads to improper authorization. This all...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-57317

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:52 p.m.6 views

CVE-2026-57317

Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.12.2 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-57317

CVE-2026-57317 affects the WordPress plugin Simply Schedule Appointments (versions

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Rows per page
Query Builder