Nsqua Simply Schedule Appointments — known CVE vulnerabilities
Every CVE whose affected-product data names Nsqua Simply Schedule Appointments, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-50851 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in N Squared Appointment Booking…
CVE-2024-7129 — CVSS 7.2 (high): The Appointment Booking Calendar WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig…
CVE-2022-2373 — CVSS 5.3 (medium): The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated…
CVE-2022-2374 — CVSS 4.8 (medium): The Simply Schedule Appointments WordPress plugin before 1.5.7.7 does not sanitise and escape some of its settings, which could allow high…
CVE-2024-7876 — CVSS 4.8 (medium): The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and…
CVE-2024-7877 — CVSS 4.8 (medium): The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and…