Cross-Site Request Forgery (CSRF) vulnerability in alextselegidis Easy!Appointments allows Cross Site Request Forgery. This issue affects Easy!Appointments: from n/a through 1.4.2.
History

Tue, 08 Jul 2025 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Easyappointments
Easyappointments easy\!appointments
CPEs cpe:2.3:a:easyappointments:easy\!appointments:*:*:*:*:*:wordpress:*:*
Vendors & Products Easyappointments
Easyappointments easy\!appointments

Tue, 01 Apr 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 01 Apr 2025 15:00:00 +0000

Type Values Removed Values Added
Description Cross-Site Request Forgery (CSRF) vulnerability in alextselegidis Easy!Appointments allows Cross Site Request Forgery. This issue affects Easy!Appointments: from n/a through 1.4.2.
Title WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Weaknesses CWE-352
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-04-01T14:51:48.676Z

Updated: 2025-04-01T17:59:38.205Z

Reserved: 2025-04-01T13:20:32.606Z

Link: CVE-2025-31828

cve-icon Vulnrichment

Updated: 2025-04-01T17:59:29.341Z

cve-icon NVD

Status : Analyzed

Published: 2025-04-01T15:16:22.887

Modified: 2025-07-08T16:49:53.200

Link: CVE-2025-31828

cve-icon Redhat

No data.