CVE-2024-57602: Easy!Appointments Improper Restriction of Excessive Authentication Attempts

February 13, 2025 (updated February 24, 2025)

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file.

References

github.com/advisories/GHSA-8fc2-fhh6-f6m5
github.com/alextselegidis/easyappointments
hkohi.ca/vulnerability/12
nvd.nist.gov/vuln/detail/CVE-2024-57602

Detect and mitigate CVE-2024-57602 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →