Lucene search

K
NsquaredSimply Schedule Appointments*

4 matches found

CVE
CVE
added 2024/03/06 6:15 a.m.53 views

CVE-2024-1760

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.6.20. This is due to missing or incorrect nonce validation on the ssa_factory_reset() function. This makes it pos...

4.7CVSS5.2AI score0.00134EPSS
CVE
CVE
added 2024/04/09 7:15 p.m.52 views

CVE-2024-2342

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the customer_id parameter in all versions up to, and including, 1.6.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

8.8CVSS9.3AI score0.00341EPSS
CVE
CVE
added 2024/05/16 11:15 a.m.44 views

CVE-2024-4288

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter in versions up to, and including, 1.6.7.14 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.7AI score0.00197EPSS
CVE
CVE
added 2024/04/09 7:15 p.m.42 views

CVE-2024-2341

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in all versions up to, and including, 1.6.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

8.8CVSS9.3AI score0.00397EPSS