The Simply Schedule Appointments WordPress plugin prior to 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nsqua simply schedule appointments |