Unrated severityNVD Advisory· Published Aug 29, 2022· Updated Aug 3, 2024
Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure
CVE-2022-2373
Description
The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <1.5.7.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.