CVE-2025-12842
CVE-2025-12842 concerns the WordPress Booking Plugin for Appointments – Time Slot (timeslot) plugin. The vulnerability is an unauthenticated arbitrary email-sending flaw caused by missing validation on the tslot_appt_email AJAX action, allowing attackers to compose and send emails to arbitrary re...