CVE-2025-31896 WordPress GetBookingsWP Plugin <= 1.1.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in istmoplugins GetBookingsWP get-bookings-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetBookingsWP: from n/a through = 1.1.27...

CVE-2024-13677

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...

CVE-2024-13677 GetBookingsWp - Appointments & Bookings Plugin Basic Version <= 1.1.27 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details...