SECURITY ISSUES

[SLEK]

Great work Alex.

I recieved the following security alert from worddefence on my site.

The Plugin "Easy!Appointments" has a security vulnerability.
Type: Plugin Vulnerable
Issue Found July 24, 2025 1:17 pm
Critical

Details
Plugin Name: Easy!Appointments
Current Plugin Version: 1.4.2
Details: To protect your site from this vulnerability, the safest option is to deactivate and completely remove "Easy!Appointments" until a patched version is available. Get more information.
Repository URL: https://wordpress.org/plugins/easyappointments
Vulnerability Information: https://www.wordfence.com/threat-intel/vulnerabilities/id/92424e24-17db-45dc-804b-32a411f0b233?source=plugin
Vulnerability Severity: 4.3/10.0 (Medium)(opens in new tab)

• • Repository URL: https://wordpress.org/plugins/easyappointments(opens in new tab)
  • Vulnerability Information: https://www.wordfence.com/threat-intel/vulnerabilities/id/92424e24-17db-45dc-804b-32a411f0b233?source=plugin(opens in new tab)
  • Vulnerability Severity: 4.3/10.0 (Medium)

[Alex Tselegidis]

Hello! 

Thanks for reporting this. 

Unfortunately, I was not informed earlier about this case, so I will review and see if it is valid and if there is an update needed. 

Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!

[Temi B]

This looks like what I saw before but I ignored it. Probably should have mentioned. It didn't seem a big deal based on the description but still should be patched. 

https://patchstack.com/database/wordpress/plugin/easyappointments/vulnerability/wordpress-easy-appointments-plugin-1-4-2-cross-site-request-forgery-csrf-to-settings-change-vulnerability 

[Alex Tselegidis]

Hello! 

Yes this issue is not that important, but I have launched a new release that addresses the reported detail. 

Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!