cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwappointment wappointment

Direction: ascending
Jun 07, 2024

Appointment Bookings for Zoom GoogleMeet and more – Wappointment # a2b816a4-9faf-40ea-a81d-88687f99de77

CVE, Research URL

a2b816a4-9faf-40ea-a81d-88687f99de77

Home page URL

Security reports for Appointment Bookings for Zoom GoogleMeet and more – Wappointment

Application

Appointment Bookings for Zoom GoogleMeet and more – Wappointment

Date
-
Research Description
Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment [wappointment] < 2.2.5 Wappointment &lt; 2.2.5 - Unauthenticated Stored Cross-Site Scripting The plugin does not sanitise the name parameter when booking an appointment, leading to a Stored Cross-Site Scripting issue which is triggered when an admin view the Calendar.
Affected versions
max 2.2.5.
Status
vulnerable

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment # CVE-2024-32454

CVE, Research URL

CVE-2024-32454

Home page URL

Security reports for Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Application

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Date
Apr 15, 2024
Research Description
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0.
Affected versions
max 2.6.1.
Status
vulnerable
Dec 11, 2025

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment # CVE-2025-67551

CVE, Research URL

CVE-2025-67551

Home page URL

Security reports for Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Application

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Date
Dec 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wappointment team Wappointment wappointment allows Stored XSS.This issue affects Wappointment: from n/a through <= 2.6.9.
Affected versions
max 2.6.9.
Status
vulnerable
Jan 11, 2026

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment # CVE-2025-68575

CVE, Research URL

CVE-2025-68575

Home page URL

Security reports for Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Application

Appointment Bookings for Zoom GoogleMeet and more &#8211; Wappointment

Date
Dec 24, 2025
Research Description
Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wappointment: from n/a through <=2.7.2.
Affected versions
max 2.7.2.
Status
vulnerable