CVE-2026-9188
CVE-2026-9188 affects the WordPress plugin “Wappointment” (Appointment Bookings for Zoom GoogleMeet and more) up to version 2.7.6. The vulnerability is an Insecure Direct Object Reference via the appointmentkey/edit_key parameter, where the authorization token consumed by tryCancel() is a predict...