Easy!appointments Security Vulnerabilities and Issues — Easy!appointments CVE List

Lucene search

EasyappointmentsEasy!appointments

7 matches found

CVE•added 2020/03/16 3:15 p.m.•62 views

CVE-2018-13063

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.

7.5CVSS7.5AI score0.0036EPSS

CVE•added 2020/03/16 3:15 p.m.•55 views

CVE-2018-13060

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue.

6.5CVSS6.5AI score0.00315EPSS

CVE•added 2025/05/07 3:15 p.m.•55 views

CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability.

7.5CVSS6.5AI score0.00062EPSS

CVE•added 2024/04/11 12:15 p.m.•47 views

CVE-2023-32295

Missing Authorization vulnerability in Alex Tselegidis Easy!Appointments.This issue affects Easy!Appointments: from n/a through 1.3.3.

6.3CVSS6.3AI score0.00179EPSS

CVE•added 2024/03/05 2:15 a.m.•46 views

CVE-2024-0698

The Easy!Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

6.4CVSS6AI score0.00138EPSS

CVE•added 2025/04/01 3:16 p.m.•38 views

CVE-2025-31828

Cross-Site Request Forgery (CSRF) vulnerability in alextselegidis Easy!Appointments allows Cross Site Request Forgery. This issue affects Easy!Appointments: from n/a through 1.4.2.

8.8CVSS7.2AI score0.00022EPSS

CVE•added 2019/09/11 7:15 p.m.•36 views

CVE-2019-14936

Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash).

5.3CVSS5.2AI score0.00249EPSS