A vulnerability was found in alextselegidis easyappointments up to 1.5.x. It has been classified as critical. The impacted element is an unknown function of the file application/controllers/Google.php of the component Google OAuth Handler. The manipulation of the argument provider_id leads to improper synchronization.

This vulnerability is documented as CVE-2026-52841. The attack can be initiated remotely. There is not any exploit available.