CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1367 – Code Injection in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2023-1367
13 Mar 2023 — Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/453c6e130229718680c91bef450db643a0f263e4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1269 – Use of Hard-coded Credentials in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2023-1269
08 Mar 2023 — Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0. • https://github.com/alextselegidis/easyappointments/commit/2731d2f17c5140c562426b857e9f5d63da5c4593 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1397 – API Privilege Escalation in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-1397
10 May 2022 — API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. Una Escalada de privilegios de la API en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.5.0. Una toma de control total del sistema • https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526 • CWE-269: Improper Privilege Management •
CVSS: 9.1EPSS: 72%CPEs: 1EXPL: 6CVE-2022-0482 – Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
https://notcve.org/view.php?id=CVE-2022-0482
09 Mar 2022 — Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. Una Exposición de Información Personal Privada a un Actor no Autorizado en el repositorio de GitHub alextselegidis/easyappointments versiones anteriores a 1.4.3 Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability. • https://packetstorm.news/files/id/166701 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-13063
https://notcve.org/view.php?id=CVE-2018-13063
16 Mar 2020 — Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. Easy!Appointments versión 1.3.0, presenta un problema de Falta de Autorización permitiendo la recuperación de contraseñas y sales en el hash. • https://sysdream.com/news/lab • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-13060
https://notcve.org/view.php?id=CVE-2018-13060
16 Mar 2020 — Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue. Easy!Appointments versión 1.3.0, presenta un problema de CAPTCHA adivinable. • https://sysdream.com/news/lab • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14936 – Easy!Appointments <= 1.3.2 - Information Disclosure
https://notcve.org/view.php?id=CVE-2019-14936
11 Sep 2019 — Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash). El plugin Easy! Appointments versión 1.3.2 para WordPress, permite una Divulgación de Información Confidencial (Nombre de Usuario y Hash de Contraseña). The Easy! • https://www.blackdragon.team/contents/index.php/cves/cve-2019-14936 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •