CVE-2017-20206
The CVE-2017-20206 entry concerns the WordPress Appointments plugin (versions up to 2.2.1). The vulnerability is a PHP Object Injection via deserialization of untrusted input from the wpmudev_appointments cookie, allowing unauthenticated attackers to inject a PHP object. The documented impact ind...