Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:cp_appointment_calendar_plugin:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductCp Appointment Calendar Plugin (e17011dc-ddd4-5bac-9243-a1ba627777ac)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2015-10099 vulnerable 2026-06-08 05:06:24.675087 CP Appointment Calendar Plugin dex_appointments.php dex_process_ready_to_go_appointment sql injection
MEDIUM (6.3)
A vulnerability classified as critical has been found in CP Appointment Calendar Plugin up to 1.1.5 on WordPress. This affects the function dex_process_ready_to_go_appointment of the file dex_appointments.php. The manipulation of the argument itemnumber leads to sql injection. It is possible to initiate the attack remotely. The patch is named e29a9cdbcb0f37d887dd302a05b9e8bf213da01d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225351.
Published: 2023-04-10T12:00:05.724Z
Updated: 2024-08-06T08:58:26.439Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.