Simply Schedule Appointments
NSquared
Developer
1.6.9.25
Latest version
60,000
Installations
No date
Last updated
Vulnerability history
0 present
18 fixed
7 Mitigation rules
- Broken Access Control vulnerability<= 1.6.9.15Jan 20, 2026
- Unauthenticated SQL Injection via `order` and `append_where_sql` Parameters vulnerability<= 1.6.9.9Jan 15, 2026
- Unauthenticated Sensitive Information Exposure vulnerability<= 1.6.9.5Jan 6, 2026
- Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability<= 1.6.9.16Dec 18, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes vulnerability<= 1.6.8.30Jun 17, 2025
- Unauthenticated Arbitrary Shortcode Execution vulnerability<= 1.6.8.5Mar 12, 2025
- Reflected Cross-Site Scripting vulnerability<= 1.6.8.3Mar 6, 2025
- Authenticated (Admin+) Stored Cross-Site Scripting vulnerability<= 1.6.7.53Oct 15, 2024
- Authenticated (Admin+) Stored Cross-Site Scripting vulnerability<= 1.6.7.53Oct 15, 2024
- Admin+ Template Injection to RCE vulnerability< 1.6.7.43Sep 13, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 1.6.7.14May 16, 2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 1.6.6.20Mar 26, 2024
- Authenticated (Contributor+) SQL Injection via Shortcode vulnerability<= 1.6.7.7Mar 21, 2024
- Authenticated (Subscriber+) SQL Injection vulnerability<= 1.6.7.7Mar 21, 2024
- Cross-Site Request Forgery to Plugin Data Reset vulnerability<= 1.6.6.20Mar 6, 2024
- SQL Injection vulnerability< 1.6.6.1Dec 21, 2023
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 1.5.7.6Aug 8, 2022
- Unauthenticated Email Address Disclosure vulnerability<= 1.5.7.6Aug 8, 2022