Nikola Loncar Easy Appointments vulnerabilities
2 known vulnerabilities affecting nikola_loncar/easy_appointments.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-36424P3HIGHCVSS 8.8≥ n/a, ≤ 3.11.92023-07-17
CVE-2022-36424 [HIGH] CWE-352 CVE-2022-36424: Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9
Cross-Site Request Forgery (CSRF) vulnerability in Nikola Loncar Easy Appointments plugin <= 3.11.9 versions.
nvd
CVE-2023-30748P4MEDIUMCVSS 6.1≥ n/a, ≤ 3.10.72024-12-09
CVE-2023-30748 [MEDIUM] CWE-79 CVE-2023-30748: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This issue affects Easy Appointments: from n/a through 3.10.7.
nvd