cleantalk
Vulnerabilities and Security Researches

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin, CVE-2022-2373

CVE, Research URL

CVE-2022-2373

Home page URL

Security reports for Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin

Application

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin

Published on
Aug 29, 2022
Research Description
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address
Affected versions
Min -, max 1.5.7.7.
Status
vulnerable
Previous vulnerability researches
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7129) , Sep 15, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7877) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7876) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-22311) , Jun 07, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-4288) , Jun 07, 2024
New vulnerability
Graphina – Elementor Charts and Graphs (CVE-2025-47480) , May 09, 2025
Graphina – Elementor Charts and Graphs (CVE-2025-47533) , May 09, 2025
Simple Giveaways – Grow your business, email lists and traffic with contests (CVE-2025-47606) , May 09, 2025
Supertext Translation and Proofreading (CVE-2025-47639) , May 09, 2025
Quran multilanguage Text & Audio (CVE-2025-47524) , May 09, 2025