Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Alextselegidis
Easyappointments

alextselegidis easyappointments Vulnerabilities: CVEs, CISA KEV & Security Advisories

36 CVEs

alextselegidis easyappointments Vulnerabilities

CVE security advisories and vulnerability history for easyappointments by alextselegidis.

36

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

14

Public exploits

With known exploit

7.8

Avg CVSS

2019–2026

Last updated January 15, 2026

Overview

alextselegidis easyappointments has 36 published CVE records since 2019, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 14 have a known public exploit. The average CVSS base score across scored CVEs is 7.8.

This page aggregates every publicly disclosed vulnerability (CVE) affecting alextselegidis easyappointments, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of alextselegidis easyappointments's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical11

High10

Medium12

Low0

3 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of alextselegidis easyappointments's CVEs are currently listed in CISA's KEV catalog.

Public exploits

14

14 of alextselegidis easyappointments's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every alextselegidis easyappointments version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

Fixed in

e45fcf30b579a9a2a03bbbb35efb96556f1ad42623 CVEs
1.5.05 CVEs
757556f849337e54f57a97dc24f4c13a1c11429e2 CVEs
44af526a6fc5e898bc1e0132b2af9eb3a9b2c4661 CVE
c68fe9fb0cd9d7653a32edb6bcb5b6d8926585aa1 CVE
f4ab6ee91d9eee60f0c0d5daae305ce52b756ed61 CVE

Find a version

36 CVEs

Sort

CSRF Protection Bypass: Sensitive endpoints accept GET requests, enabling admin account takeover
CVE-2026-23622
Public exploit
CWE-352
High · CVSS 7.4
EPSS 0.0% (3th pct)2026-01-15
High vulnerability · 2025-08-25
CVE-2025-50383
Public exploit
Patch
CWE-89
High · CVSS 8.1
EPSS 0.1% (22th pct)2025-08-25
High vulnerability · 2025-05-07
CVE-2025-29448
Public exploit
CWE-284
High · CVSS 7.5
EPSS 0.5% (68th pct)2025-05-07
WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
CVE-2025-31828
Patch
CWE-352
Medium · CVSS 4.3
EPSS 0.3% (50th pct)2025-04-01
Critical vulnerability · 2025-02-12
CVE-2024-57602
Public exploit
CWE-269
Critical · CVSS 9.8
EPSS 1.1% (78th pct)2025-02-12
Medium vulnerability · 2025-02-12
CVE-2024-57601
Public exploit
CWE-79
Medium · CVSS 6.1
EPSS 0.2% (45th pct)2025-02-12
High vulnerability · 2024-07-09
CVE-2023-3288
Patch
CWE-639
High · CVSS 8.5
EPSS 0.2% (44th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38055
Patch
CWE-639
Critical · CVSS 9.6
EPSS 0.2% (38th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38054
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
A BOLA vulnerability in GET, PUT, DELETE /settings/{settingName} in EasyAppointments < 1.5.0
CVE-2023-38053
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
A BOLA vulnerability in GET, PUT, DELETE /admins/{adminId} in EasyAppointments < 1.5.0
CVE-2023-38052
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38051
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38050
Patch
CWE-639
Critical · CVSS 9.1
EPSS 0.2% (36th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38049
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-38048
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (45th pct)2024-07-09
A BOLA vulnerability in GET, PUT, DELETE /categories/{categoryId} in EasyAppointments < 1.5.0.
CVE-2023-38047
Patch
CWE-639
High · CVSS 8.5
EPSS 0.1% (26th pct)2024-07-09
High vulnerability · 2024-07-09
CVE-2023-3289
Public exploit
Patch
CWE-639
High · CVSS 7.7
EPSS 0.2% (36th pct)2024-07-09
Medium vulnerability · 2024-07-09
CVE-2023-3290
Patch
CWE-639
Medium · CVSS 5.0
EPSS 0.2% (37th pct)2024-07-09
High vulnerability · 2024-07-09
CVE-2023-3286
Patch
CWE-639
High · CVSS 7.7
EPSS 0.2% (36th pct)2024-07-09
Critical vulnerability · 2024-07-09
CVE-2023-3287
Patch
CWE-639
Critical · CVSS 9.9
EPSS 0.2% (46th pct)2024-07-09
High vulnerability · 2024-07-09
CVE-2023-3285
Patch
CWE-639
High · CVSS 7.7
EPSS 0.2% (37th pct)2024-07-09
WordPress Easy!Appointments plugin <= 1.3.3 - Arbitrary File Deletion vulnerability
CVE-2023-32295
Patch
CWE-862
Medium · CVSS 6.3
EPSS 0.2% (39th pct)2024-04-11
Easy!Appointments <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-0698
Patch
CWE-79
Medium · CVSS 6.4
EPSS 0.2% (42th pct)2024-03-05
Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments
CVE-2023-3700
Public exploit
Patch
CWE-639
Medium · CVSS 6.3
EPSS 0.0% (6th pct)2023-07-17
Open Redirect in alextselegidis/easyappointments
CVE-2023-3568
Public exploit
Patch
CWE-601
Medium · CVSS 6.3
EPSS 0.1% (16th pct)2023-07-10
High vulnerability · 2023-04-15
CVE-2023-2105
Public exploit
Patch
CWE-384
High · CVSS 8.8
EPSS 0.8% (74th pct)2023-04-15
Medium vulnerability · 2023-04-15
CVE-2023-2104
Patch
CWE-284
Medium · CVSS 5.4
EPSS 0.2% (36th pct)2023-04-15
Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments
CVE-2023-2103
Public exploit
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.4% (61th pct)2023-04-15
Medium vulnerability · 2023-04-15
CVE-2023-2102
Public exploit
Patch
CWE-79
Medium · CVSS 6.8
EPSS 0.4% (58th pct)2023-04-15
Medium vulnerability · 2023-03-13
CVE-2023-1367
Public exploit
Patch
CWE-94
Medium · CVSS 6.0
EPSS 0.2% (44th pct)2023-03-13

Showing 30 of 36

Common weakness types

The CWE weakness categories most often found in alextselegidis easyappointments CVEs. Follow any weakness for its full explanation.

CWE-639Authorization Bypass Through User-Controlled Key16 CVEs
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')4 CVEs
CWE-352Cross-Site Request Forgery (CSRF)2 CVEs
CWE-269Improper Privilege Management2 CVEs
CWE-284Improper Access Control2 CVEs
CWE-601URL Redirection to Untrusted Site ('Open Redirect')1 CVE
CWE-384Session Fixation1 CVE
CWE-359Exposure of Private Personal Information to an Unauthorized Actor1 CVE

Disclosure activity by year

How many alextselegidis easyappointments CVEs were published each year.

2019

1

2020

2

2022

2

2023

8

2024

17

2025

5

2026

1

Other alextselegidis products

Browse vulnerabilities for other products by alextselegidis.

alextselegidis/easyappointments10 CVEs Easy!Appointments3 CVEs plainpad1 CVEs

All alextselegidis vulnerabilities

Frequently asked questions

Common questions about alextselegidis easyappointments vulnerabilities.

How many CVEs does alextselegidis easyappointments have?

alextselegidis easyappointments has 36 published CVE records since 2019.

How many alextselegidis easyappointments CVEs are in CISA KEV?

None of alextselegidis easyappointments's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for alextselegidis easyappointments vulnerabilities?

Yes — 14 of alextselegidis easyappointments's CVEs have a known public exploit.

Which versions of alextselegidis easyappointments are affected?

40 distinct alextselegidis easyappointments versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in alextselegidis easyappointments CVEs?

alextselegidis easyappointments's CVEs most often map to these CWE weakness types: CWE-639 (Authorization Bypass Through User-Controlled Key), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-269 (Improper Privilege Management).

How many critical alextselegidis easyappointments vulnerabilities are there?

alextselegidis easyappointments has 11 critical and 10 high-severity CVEs.

What is the average severity of alextselegidis easyappointments CVEs?

The average CVSS base score across alextselegidis easyappointments's scored CVEs is 7.8.

References

All alextselegidis vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track alextselegidis easyappointments vulnerabilities

Monitor new alextselegidis easyappointments vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References