WordPress Plugin Vulnerabilities

Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure

Description

The plugin is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address

Proof of Concept

https://example.com/wp-json/ssa/v1/users

Affects Plugins

simply-schedule-appointments

Fixed in version 1.5.7.7

References

CVE

CVE-2022-2373

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CWE-862

Miscellaneous

Original Researcher

Raad Haddad of Cloudyrion GmbH

Submitter

Raad Haddad of Cloudyrion GmbH

Submitter twitter

raadfhaddad

Verified

Yes

WPVDB ID

6aa9aa0d-b447-4584-a07e-b8a0d1b83a31

Timeline

Publicly Published

2022-08-08 (about 3 months ago)

Added

2022-08-08 (about 3 months ago)

Last Updated

2022-08-22 (about 3 months ago)

Our Other Services

WPScan WordPress Security Plugin