2 matches found
WordPress Booking for Appointments plugin input validation error vulnerability
WordPress Booking for Appointments plugin is a tool for implementing appointment management on WordPress websites. The WordPress Booking for Appointments plugin suffers from an input validation error vulnerability that stems from a lack of validation for the tslotapptemail AJAX action, which can ...
CVE-2025-12842
The Booking Plugin for WordPress Appointments – Time Slot plugin for WordPress is vulnerable to unauthorized email sending in versions up to, and including, 1.4.7 due to missing validation on the tslotapptemail AJAX action. This makes it possible for unauthenticated attackers to send appointment...