CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-13063
https://notcve.org/view.php?id=CVE-2018-13063
Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. Easy!Appointments versión 1.3.0, presenta un problema de Falta de Autorización permitiendo la recuperación de contraseñas y sales en el hash. • https://sysdream.com/news/lab https://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-13060
https://notcve.org/view.php?id=CVE-2018-13060
Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue. Easy!Appointments versión 1.3.0, presenta un problema de CAPTCHA adivinable. • https://sysdream.com/news/lab https://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14936 – Easy!Appointments <= 1.3.2 - Information Disclosure
https://notcve.org/view.php?id=CVE-2019-14936
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash). El plugin Easy! Appointments versión 1.3.2 para WordPress, permite una Divulgación de Información Confidencial (Nombre de Usuario y Hash de Contraseña). The Easy! • https://www.blackdragon.team/contents/index.php/cves/cve-2019-14936 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •