Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

alextselegidis — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting alextselegidis. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Alex Tselegidis is primarily associated with web application development, focusing on creating user-friendly interfaces and functionality. Historically, vulnerabilities attributed to this researcher include cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, often stemming from input validation failures and insecure direct object references. Security analysis reveals a pattern of identifying flaws in content management systems and e-commerce platforms, with some discoveries leading to significant security advisories. While no major public incidents are directly linked, the consistent discovery of critical vulnerabilities across multiple platforms demonstrates a notable impact on web security landscapes, particularly in open-source and commercial web applications.

Top products by alextselegidis: alextselegidis/easyappointments Easy!Appointments easyappointments plainpad
CVE IDTitleCVSSSeverityPublished
CVE-2026-42562 Plainpad: Privilege Escalation via Writable Admin Field in Profile Update (Access Control) — plainpadCWE-269 8.3 High2026-05-09
CVE-2026-23622 CSRF Protection Bypass: Sensitive endpoints accept GET requests, enabling admin account takeover — easyappointmentsCWE-352 8.8AIHighAI2026-01-15
CVE-2025-31828 WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Easy!AppointmentsCWE-352 4.3 Medium2025-04-01
CVE-2024-0698 Easy!Appointments <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy!AppointmentsCWE-79 6.4 Medium2024-03-05
CVE-2023-3700 Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-639 6.3 Medium2023-07-17
CVE-2023-3568 Open Redirect in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-601 6.3 Medium2023-07-10
CVE-2023-2105 Session Fixation in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-384 8.1 -2023-04-15
CVE-2023-2104 Improper Access Control in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-284 5.4 -2023-04-15
CVE-2023-2102 Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-79 5.4 -2023-04-15
CVE-2023-2103 Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-79 5.4 -2023-04-15
CVE-2023-1367 Code Injection in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-94 3.8 -2023-03-13
CVE-2023-1269 Use of Hard-coded Credentials in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-798 9.8 -2023-03-08
CVE-2022-1397 API Privilege Escalation in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-269 8.8 -2022-05-10
CVE-2022-0482 Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments — alextselegidis/easyappointmentsCWE-359 7.5 -2022-03-09

This page lists every published CVE security advisory associated with alextselegidis. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.