CVE-2022-2373
N/A
N/A
Summary
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Simply Schedule Appointments – WordPress Booking Plugin | 1.5.7.7 < 1.5.7.7 | affected |
Weaknesses
- CWE-862: CWE-862 Missing Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.