Easy-appointments Easy_appointments

6 CVEs affecting Easy-appointments Easy_appointments. Latest disclosed: 2024-12-09. Critical: 0, High: 0.

Top CVEs affecting Easy-appointments Easy_appointments
CVESeverityScorePublishedSummary
CVE-2024-2842Medium6.42024-03-29The Easy Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ea_full_calendar' shortcode in all versions up to, an…
CVE-2017-15812Medium6.12017-10-23The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin panel.
CVE-2022-4668Medium5.42023-01-23The Easy Appointments WordPress plugin before 3.11.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, whi…
CVE-2023-30748Medium4.32024-12-09Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This is…
CVE-2024-2844Medium4.32024-03-29The Easy Appointments plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient user validation on the ajax_cancel_appointmen…
CVE-2022-36424Medium4.32023-07-17Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions.