CVE-2026-11990
The CVE-2026-11990 entry affects the KiviCare – Clinic & Patient Management System (EHR) WordPress plugin, specifically versions up to and including 4.4.0. The root issue is missing authorization checks for actions, allowing unauthenticated attackers to mark arbitrary pending appointments as Conf...