cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forsmart-agenda-prise-de-rendez-vous-en-ligne smart-agenda-prise-de-rendez-vous-en-ligne

Direction: ascending
Dec 13, 2024

Smart Agenda – Prise de rendez-vous en ligne # CVE-2024-11781

CVE, Research URL

CVE-2024-11781

Home page URL

Security reports for Smart Agenda – Prise de rendez-vous en ligne

Application

Smart Agenda – Prise de rendez-vous en ligne

Date
Dec 12, 2024
Research Description
The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartagenda' shortcode in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable
Jan 12, 2025

Smart Agenda – Prise de rendez-vous en ligne # CVE-2025-22506

CVE, Research URL

CVE-2025-22506

Home page URL

Security reports for Smart Agenda – Prise de rendez-vous en ligne

Application

Smart Agenda – Prise de rendez-vous en ligne

Date
Jan 13, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartAgenda Smart Agenda allows Stored XSS.This issue affects Smart Agenda: from n/a through 4.7.
Affected versions
Min -, max -.
Status
vulnerable
Jan 14, 2025

Smart Agenda – Prise de rendez-vous en ligne # CVE-2024-13348

CVE, Research URL

-

Home page URL

Security reports for Smart Agenda – Prise de rendez-vous en ligne

Application

Smart Agenda – Prise de rendez-vous en ligne

Date
Jan 14, 2025
Research Description
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-22506 Reason: This candidate is a reservation duplicate of CVE-2025-22506. Notes: All CVE users should reference CVE-2025-22506 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Affected versions
Min -, max -.
Status
vulnerable
Jul 02, 2025

Smart Agenda – Prise de rendez-vous en ligne # CVE-2025-53294

CVE, Research URL

CVE-2025-53294

Home page URL

Security reports for Smart Agenda – Prise de rendez-vous en ligne

Application

Smart Agenda – Prise de rendez-vous en ligne

Date
Jun 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda allows Stored XSS. This issue affects Smart Agenda: from n/a through 4.9.
Affected versions
Min -, max -.
Status
vulnerable