4 matches found
CVE-2026-1932
The Appointment Booking Calendar Plugin – Bookr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update-appointment REST API endpoint in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers t...
CVE-2026-1932
The Appointment Booking Calendar Plugin – Bookr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update-appointment REST API endpoint in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers t...
CVE-2026-1932
CVE-2026-1932 affects the WordPress plugin “Appointment Booking Calendar Plugin – Bookr”. The root cause is a missing capability check on the update-appointment REST endpoint, allowing unauthenticated modification of appointment status. Affected versions are all up to 1.0.2 (inclusive). The conse...
PT-2026-8057
The Appointment Booking Calendar Plugin – Bookr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update-appointment REST API endpoint in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers t...