Easy-appointments Easy_appointments
6 CVEs affecting Easy-appointments Easy_appointments. Latest disclosed: 2024-12-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2842 | Medium | 6.4 | 2024-03-29 | The Easy Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ea_full_calendar' shortcode in all versions up to, an… |
CVE-2017-15812 | Medium | 6.1 | 2017-10-23 | The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin panel. |
CVE-2022-4668 | Medium | 5.4 | 2023-01-23 | The Easy Appointments WordPress plugin before 3.11.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, whi… |
CVE-2023-30748 | Medium | 4.3 | 2024-12-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This is… |
CVE-2024-2844 | Medium | 4.3 | 2024-03-29 | The Easy Appointments plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient user validation on the ajax_cancel_appointmen… |
CVE-2022-36424 | Medium | 4.3 | 2023-07-17 | Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions. |