Filtered by vendor Easyappointments Subscriptions

Search

Switch to Advanced Search (Beta)
Total 28 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-38049 1 Easyappointments 1 Easyappointments 2024-11-21 9.9 Critical
A BOLA vulnerability in GET, PUT, DELETE /appointments/{appointmentId} allows a low privileged user to fetch, modify or delete an appointment of any user (including admin). This results in unauthorized access and unauthorized data manipulation.
CVE-2023-38048 1 Easyappointments 1 Easyappointments 2024-11-21 9.9 Critical
A BOLA vulnerability in GET, PUT, DELETE /providers/{providerId} allows a low privileged user to fetch, modify or delete a privileged user (provider). This results in unauthorized access and unauthorized data manipulation.
CVE-2023-38047 1 Easyappointments 1 Easyappointments 2024-11-21 8.5 High
A BOLA vulnerability in GET, PUT, DELETE /categories/{categoryId} allows a low privileged user to fetch, modify or delete the category of any user (including admin). This results in unauthorized access and unauthorized data manipulation.
CVE-2022-1397 1 Easyappointments 1 Easyappointments 2024-11-21 8.8 High
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
CVE-2022-0482 1 Easyappointments 1 Easyappointments 2024-11-21 9.1 Critical
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.
CVE-2019-14936 1 Easyappointments 1 Easy\!appointments 2024-11-21 5.3 Medium
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash).
CVE-2018-13063 1 Easyappointments 1 Easy\!appointments 2024-11-21 7.5 High
Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.
CVE-2018-13060 1 Easyappointments 1 Easy\!appointments 2024-11-21 6.5 Medium
Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue.