CVE-2026-2324
CVE-2026-2324 affects the LatePoint – Calendar Booking Plugin for Appointments and Events (WordPress). Up to version 5.2.7 is vulnerable due to missing/incorrect nonce validation in the reload_preview() function, enabling unauthenticated attackers to update settings and inject malicious scripts v...