CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability.

CVSS

No CVSS.

References

Link	Resource
https://github.com/Abdullah4eb/CVE-2025-29448	Third Party Advisory Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:easyappointments:easy\!appointments:1.5.1:*:*:*:*:wordpress:*:*

History

09 Jul 2025, 01:28

Type	Values Removed	Values Added
CPE		cpe:2.3:a:easyappointments:easy\!appointments:1.5.1:::::wordpress::
First Time		Easyappointments easy\!appointments Easyappointments
References	~~() https://github.com/Abdullah4eb/CVE-2025-29448 -~~	() https://github.com/Abdullah4eb/CVE-2025-29448 - Third Party Advisory, Patch
CWE		NVD-CWE-noinfo

08 May 2025, 18:15

Type	Values Removed	Values Added
Summary	~~A business logic vulnerability in Easy Appointments v1.5.1 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.~~	Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability.

07 May 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-07 15:15

Updated : 2025-07-09 01:28

NVD link : CVE-2025-29448

Mitre link : CVE-2025-29448

JSON object : View

Products Affected

easyappointments

easy\!appointments

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2025-29448

Attach tags to `CVE-2025-29448`