Lucene search
K

5 matches found

NVD
NVD
added 2026/05/28 8:16 a.m.11 views

CVE-2026-7797

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'appendwheresql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplied parameter and lac...

7.5CVSS0.00554EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/28 6:45 a.m.34 views

CVE-2026-7797 Appointment Booking Calendar <= 1.6.11.8 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'appendwheresql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplied parameter and lac...

7.5CVSS0.00554EPSS
Exploits0References11
CVE
CVE
added 2026/05/28 6:45 a.m.19 views

CVE-2026-7797

The CVE covers the WordPress plugin Appointment Booking Calendar – Simply Schedule Appointments . The vulnerability exists in versions up to

7.5CVSS5.8AI score0.00554EPSS
Exploits0References11
CVE
CVE
added 2026/03/11 7:36 a.m.9 views

CVE-2026-1708

The CVE-2026-1708 entry concerns the WordPress plugin “Appointment Booking Calendar — Simply Schedule Appointments” vulnerable to blind SQL injection in all versions up to 1.6.9.27. The root cause is in TD_DB_Model’s db_where_conditions, which fails to sanitize the append_where_sql parameter pass...

7.5CVSS6AI score0.00406EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/01/14 10:23 p.m.3 views

CVE-2025-12166 Simply Schedule Appointments <= 1.6.9.9 - Unauthenticated SQL Injection via `order` and `append_where_sql` Parameters

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the order and appendwheresql parameters in all versions up to, and including, 1.6.9.9 due to insufficient escaping on the user supplied parameter and lack o...

7.5CVSS6.4AI score0.00289EPSS
Exploits0References2
Rows per page
Query Builder