NotCVE - vendor:"Easyappointments" product:"Easyappointments" version:"

10 results (0.006 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-32295 – WordPress Easy!Appointments plugin <= 1.3.3 - Arbitrary File Deletion vulnerability

https://notcve.org/view.php?id=CVE-2023-32295

10 Aug 2023 — Missing Authorization vulnerability in Alex Tselegidis Easy!Appointments.This issue affects Easy!Appointments: from n/a through 1.3.3. Vulnerabilidad de autorización faltante en Alex Tselegidis Easy!Appointments. • https://patchstack.com/database/vulnerability/easyappointments/wordpress-easy-appointments-plugin-1-3-1-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-3700 – Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-3700

17 Jul 2023 — Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-2102 – Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-2102

15 Apr 2023 — Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/bddc5cbeb7ff237a72943b304dcb01c653781767 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-2103 – Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-2103

15 Apr 2023 — Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/46a865300e94c7031cc0e315d95d3e3e56768498 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-2104 – Improper Access Control in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-2104

15 Apr 2023 — Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/75b24735767868344193fb2cc56e17ee4b9ac4be • CWE-284: Improper Access Control •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-2105 – Session Fixation in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-2105

15 Apr 2023 — Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/7f37350fab9d729a9350d96369ff0f453cf7b840 • CWE-384: Session Fixation •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-1367 – Code Injection in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-1367

13 Mar 2023 — Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/453c6e130229718680c91bef450db643a0f263e4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-1269 – Use of Hard-coded Credentials in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2023-1269

08 Mar 2023 — Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/2731d2f17c5140c562426b857e9f5d63da5c4593 • CWE-798: Use of Hard-coded Credentials •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1397 – API Privilege Escalation in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2022-1397

10 May 2022 — API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. Una Escalada de privilegios de la API en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.5.0. Una toma de control total del sistema • https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526 • CWE-269: Improper Privilege Management •

CVSS: 9.1EPSS: 72%CPEs: 1EXPL: 6

CVE-2022-0482 – Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments

https://notcve.org/view.php?id=CVE-2022-0482

09 Mar 2022 — Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. Una Exposición de Información Personal Privada a un Actor no Autorizado en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.4.3 Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability. • https://packetstorm.news/files/id/166701 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-863: Incorrect Authorization •