Appointment
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12758 | Cri | 0.64 | 9.8 | 0.03 | May 9, 2019 | https://www.joomlaextensions.co.in/ Joomla! Component Appointment 1.1 is affected by: SQL Injection. The impact is: Code execution (remote). The component is: com_appointment component. | ||
| CVE-2026-39620 | Cri | 0.62 | 9.6 | 0.00 | Apr 8, 2026 | Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through <= 3.5.5. | ||
| CVE-2017-20206 | 0.00 | — | 0.01 | Oct 18, 2025 | The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the `wpmudev_appointments` cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were… |
- risk 0.64cvss 9.8epss 0.03
https://www.joomlaextensions.co.in/ Joomla! Component Appointment 1.1 is affected by: SQL Injection. The impact is: Code execution (remote). The component is: com_appointment component.
- risk 0.62cvss 9.6epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affects Appointment: from n/a through <= 3.5.5.
- CVE-2017-20206Oct 18, 2025risk 0.00cvss —epss 0.01
The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the `wpmudev_appointments` cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were…