Nsqua Simply_schedule_appointments
6 CVEs affecting Nsqua Simply_schedule_appointments. Latest disclosed: 2024-11-05. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-50851 | High | 7.6 | 2023-12-28 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in N Squared Appointment Booking Calendar — Simply Schedule… |
CVE-2024-7129 | High | 7.2 | 2024-09-13 | The Appointment Booking Calendar WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injection w… |
CVE-2022-2373 | Medium | 5.3 | 2022-08-29 | The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPr… |
CVE-2024-7877 | Medium | 4.8 | 2024-11-05 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Notifi… |
CVE-2024-7876 | Medium | 4.8 | 2024-11-05 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Appoin… |
CVE-2022-2374 | Medium | 4.8 | 2022-08-29 | The Simply Schedule Appointments WordPress plugin before 1.5.7.7 does not sanitise and escape some of its settings, which could allow high privilege users such… |