Alextselegidis/easyappointments
This hub aggregates every CVE we track for Alextselegidis/easyappointments, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
15
CVEs tracked
3
Critical
5
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH5CRITICAL3LOW1
Monthly trend
0
0
0
0
0
0
0
2
0
0
1
0
0
1
0
0
0
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Alextselegidis/easyappointments.
- CVE-2026-23622CSRF Protection Bypass: Sensitive endpoints accept GET requests, enabling admin account takeover8.8
- CVE-2025-50383alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the order_by parameter.8.1
- CVE-2025-29448Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking av...7.5
- CVE-2024-57601Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.6.1
- CVE-2024-57602An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file.9.8
- CVE-2023-3700Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments6.3
- CVE-2023-3568Open Redirect in alextselegidis/easyappointments6.3
- CVE-2023-2105Session Fixation in alextselegidis/easyappointments8.8
- CVE-2023-2104Improper Access Control in alextselegidis/easyappointments5.4
- CVE-2023-2102Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments4.8
- CVE-2023-2103Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments5.4
- CVE-2023-1367 Code Injection in alextselegidis/easyappointments3.8
- CVE-2023-1269Use of Hard-coded Credentials in alextselegidis/easyappointments9.8
- CVE-2022-1397API Privilege Escalation in alextselegidis/easyappointments8.8
- CVE-2022-0482Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments9.1
Product normalization is registry-driven with AI assist and human review. How it works