cleantalk
Vulnerabilities and Security Researches

Easy Appointments, CVE-2025-49398

CVE, Research URL

CVE-2025-49398

Home page URL

Security reports for Easy Appointments

Application

Easy Appointments

Published on
Nov 06, 2025
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through <= 3.12.14.
Affected versions
max 3.12.14.
Status
vulnerable
Previous vulnerability researches
Open User Map (fa21f1aa178e8330d54157227f2ef6360279aa03) , Jun 06, 2024
Open User Map (CVE-2023-45056) , Jun 06, 2024
Open User Map (CVE-2025-57953) , Nov 11, 2025
New vulnerability
Greenshift &#8211; animation and page builder blocks (CVE-2025-11841) , Nov 11, 2025
Range Slider AddOn for Gravity Forms (CVE-2025-49905) , Nov 11, 2025
YOP Poll (CVE-2025-62040) , Nov 11, 2025
Insert Headers and Footers Code &#8211; HT Script (CVE-2025-12112) , Nov 11, 2025
Easy Appointments (CVE-2025-49398) , Nov 11, 2025