Easy Appointments@* Security Vulnerabilities and Issues — Easy Appointments@* CVE List

Lucene search

Easy-appointmentsEasy Appointments*

3 matches found

CVE•added 2024/03/29 6:15 a.m.•45 views

CVE-2024-2844

The Easy Appointments plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient user validation on the ajax_cancel_appointment() function in all versions up to, and including, 3.11.18. This makes it possible for unauthenticated attackers to cancel other users order...

4.3CVSS5.4AI score0.00086EPSS

CVE•added 2024/12/09 1:15 p.m.•36 views

CVE-2023-30748

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This issue affects Easy Appointments: from n/a through 3.10.7.

6.1CVSS4.6AI score0.00064EPSS

CVE•added 2024/03/29 6:15 a.m.•36 views

CVE-2024-2842

The Easy Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ea_full_calendar' shortcode in all versions up to, and including, 3.11.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for auth...

6.4CVSS7.6AI score0.00124EPSS