Lucene search
+L

39 matches found

NVD
NVD
added 2026/07/02 10:16 a.m.8 views

CVE-2026-9188

The Appointment Bookings for Zoom GoogleMeet and more – Wappointment plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 2.7.6 via the appointmentkey parameter due to the appointment editkey — the sole authorization token consumed by tryCance...

5.3CVSS0.00297EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/02 8:33 a.m.7 views

EUVD-2026-41260

The Appointment Bookings for Zoom GoogleMeet and more – Wappointment plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 2.7.6 via the appointmentkey parameter due to the appointment editkey — the sole authorization token consumed by tryCance...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References10
CVE
CVE
added 2026/07/02 8:33 a.m.14 views

CVE-2026-9188

CVE-2026-9188 affects the WordPress plugin “Wappointment” (Appointment Bookings for Zoom GoogleMeet and more) up to version 2.7.6. The vulnerability is an Insecure Direct Object Reference via the appointmentkey/edit_key parameter, where the authorization token consumed by tryCancel() is a predict...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/07/02 8:33 a.m.37 views

CVE-2026-9188 Appointment Bookings for Zoom GoogleMeet and more – Wappointment <= 2.7.6 - Unauthenticated Insecure Direct Object Reference via Predictable 'edit_key' / 'appointmentkey' Parameter

The Appointment Bookings for Zoom GoogleMeet and more – Wappointment plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 2.7.6 via the appointmentkey parameter due to the appointment editkey — the sole authorization token consumed by tryCance...

5.3CVSS0.00297EPSS
Exploits0References10
Patchstack
Patchstack
added 2026/07/01 8:20 p.m.5 views

WordPress Appointment Bookings for Zoom GoogleMeet and more – Wappointment plugin <= 2.7.6 - Unauthenticated Insecure Direct Object Reference vulnerability

Unauthenticated Insecure Direct Object Reference vulnerability discovered by davidfdzmorilla in WordPress Plugin Wappointment versions = 2.7.6...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.5 views

CVE-2025-68575

Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through = 2.7.6...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2025-205260

Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through =2.7.2...

8.8CVSS6.5AI score0.00219EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.5 views

CVE-2025-68575

Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through = 2.7.6...

5.3CVSS0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.2 views

CVE-2025-68575 WordPress Wappointment plugin <= 2.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through = 2.7.6...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 1:10 p.m.32 views

CVE-2025-68575 WordPress Wappointment plugin <= 2.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through = 2.7.6...

5.3CVSS0.00219EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 1:10 p.m.13 views

CVE-2025-68575

CVE-2025-68575 is a missing-authentication vulnerability in the WordPress appointment plugin/feature “Wappointment” (Wappointment

5.3CVSS5.9AI score0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.8 views

PT-2025-53263

Name of the Vulnerable Software and Affected Versions Wappointment versions through 2.7.2 Description An issue exists in Wappointment that relates to incorrectly configured access control security levels, potentially allowing unauthorized access. Recommendations Update Wappointment to a version...

8.8CVSS6.6AI score0.00219EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.3 views

WordPress plugin Wappointment 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.5AI score0.00219EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/21 9:45 a.m.3 views

WordPress Wappointment plugin <= 2.7.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Wappointment versions = 2.7.5...

8.8CVSS5.3AI score0.00219EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.3 views

CVE-2025-67551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

6.5CVSS6AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-202095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

5.5AI score0.00162EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.17 views

CVE-2025-67551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

6.5CVSS0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.3 views

CVE-2025-67551 WordPress Wappointment plugin <= 2.6.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

6.5CVSS5.6AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.43 views

CVE-2025-67551 WordPress Wappointment plugin <= 2.6.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through = 2.6.9...

6.5CVSS0.00162EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:14 p.m.18 views

CVE-2025-67551

CVE-2025-67551 affects WordPress Wappointment plugin (

6.5CVSS5.6AI score0.00162EPSS
Exploits0References1
Rows per page
Query Builder