WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure

WordPress Simply Schedule Appointments plugin before 1.5.7.7 is susceptible to information disclosure. The plugin is missing authorization in a REST endpoint, which can allow an attacker to retrieve user details such as name and email address. id: CVE-2022-2373 info: name: WordPress Simply Schedu...

WordPress Simply Schedule Appointments plugin <= 1.6.10.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by devploit in WordPress Plugin Simply Schedule Appointments versions = 1.6.10.6...

WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.11.8 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by daroo in WordPress Plugin Simply Schedule Appointments versions = 1.6.11.8...

WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.11.8 - Missing Authorization to Unauthenticated Arbitrary Modification vulnerability

Missing Authorization to Unauthenticated Arbitrary Modification vulnerability discovered by winrace in WordPress Plugin Simply Schedule Appointments versions = 1.6.11.8...

CVE-2026-7493

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 1.6.11.5. This is due to a publicly accessible REST API endpoint /wp-json/ssa/v1/async that calls PHP's sleep function on a...

WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.10.6 - Unauthenticated Arbitrary Appointment View, Modification and Deletion vulnerability

Unauthenticated Arbitrary Appointment View, Modification and Deletion vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Simply Schedule Appointments versions = 1.6.10.6...

CVE-2026-39694

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.10.2...

WordPress Simply Schedule Appointments plugin < 1.6.11.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin Simply Schedule Appointments versions 1.6.11.2...

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin Simply Schedule Appointments versions = 1.6.9.27...

EUVD-2026-20391

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.10.2...

CVE-2026-39694

The CVE covers a Missing Authorization vulnerability in the WordPress plugin Simply Schedule Appointments (NSquared) versions up to and including 1.6.10.2, caused by incorrectly configured access control security levels (broken access control). The vulnerability affects Simply Schedule Appointmen...

CVE-2026-39694 WordPress Simply Schedule Appointments plugin <= 1.6.10.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.10.2...

CVE-2026-39694 WordPress Simply Schedule Appointments plugin <= 1.6.10.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.10.2...

CVE-2026-39694

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.10.2...

CVE-2026-39495 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

CVE-2026-39495

CVE-2026-39495 describes an SQL Injection vulnerability in the WordPress plugin Simply Schedule Appointments (NSquared) affecting versions up to 1.6.9.27. The issue is an Improper Neutralization of Special Elements used in an SQL Command, leading to Blind SQL Injection. The connected Red Hat, ENI...

WordPress plugin Simply Schedule Appointments 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31256

Name of the Vulnerable Software and Affected Versions Simply Schedule Appointments versions through 1.6.10.2 Description Missing authorization exists in NSquared Simply Schedule Appointments due to incorrectly configured access control security levels. Recommendations Update Simply Schedule...