VYPR

Appointment

by WordPress

CVEs (1)

  • CVE-2017-20206Oct 18, 2025
    risk 0.00cvss epss 0.01

    The Appointments plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.2.1 via deserialization of untrusted input from the `wpmudev_appointments` cookie. This allows unauthenticated attackers to inject a PHP Object. Attackers were…