High severity7.2NVD Advisory· Published Oct 16, 2023· Updated Jun 17, 2026
CVE-2023-4691
CVE-2023-4691
Description
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WordPress Online Booking and Scheduling Plugindescription
- Range: <22.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5085ec75-0795-4004-955d-e71b3d2c26c6nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.