2 matches found
CVE-2026-3045
CVE-2026-3045 affects the WordPress plugin “Appointment Booking Calendar — Simply Schedule Appointments” (versions up to 1.6.9.29). The vulnerability stems from two weaknesses: (1) a non-user-bound public_nonce is exposed to unauthenticated users via the REST endpoint /wp-json/ssa/v1/embed-inner,...
CVE-2025-14977
Dokan (WordPress Dokan Lite)