Easy Appointments
easy-appointments
6 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Easy Appointments 1Easy Appointments Jun 17, 2026 Dec 9, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This issue affects Easy Appointments: from n/a through 3.10.7. |
1Easy Appointments 1Easy Appointments Jun 17, 2026 Mar 29, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Easy Appointments plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient user validation on the ajax_cancel_appointment() function in all versions up to, and including, 3.11.18. T...Show more |
1Easy Appointments 1Easy Appointments Jun 17, 2026 Mar 29, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Easy Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ea_full_calendar' shortcode in all versions up to, and including, 3.11.18 due to insufficient input sanitization a...Show more |
1Easy Appointments 1Easy Appointments Jun 17, 2026 Jul 17, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions. |
1Easy Appointments 1Easy Appointments Jun 17, 2026 Jan 23, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Easy Appointments WordPress plugin before 3.11.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to per...Show more |
1Easy Appointments 1Easy Appointments May 13, 2026 Oct 23, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin panel. |