Cp Appointment Calendar
Approved changes feed: RSS · Atom
cpe:2.3:a:codepeople:cp_appointment_calendar:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Codepeople (f85d1a73-9b3f-50b5-b09d-cd136586594b) |
|---|---|
| Product | Cp Appointment Calendar (c4cf56d1-d880-5906-8dbf-15e96d263bd4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/slimpaul/cp-appointment-calendar |
purl2cpe | 2026-06-01 10:10:56.635004 |
pkg:github/wp-plugins/cp-appointment-calendar |
purl2cpe | 2026-06-01 10:10:56.635006 |
pkg:github/wpplugins/cp-appointment-calendar |
purl2cpe | 2026-06-01 10:10:56.635008 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2015-10099 |
vulnerable | 2026-06-03 14:34:38.379772 |
CP Appointment Calendar Plugin dex_appointments.php dex_process_ready_to_go_appointment sql injection
MEDIUM (6.3)
A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5 on WordPress. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber leads to sql injection. It is possible to initiate the attack remotely. The patch is named e29a9cdbcb0f37d887dd302a05b9e8bf213da01d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225351.
Published: 2023-04-10T12:00:05.724Z
Updated: 2024-08-06T08:58:26.439Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.