VYPR
Unrated severityNVD Advisory· Published Aug 29, 2022· Updated Aug 3, 2024

Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure

CVE-2022-2373

Description

The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.