VYPR

Bookme

by WordPress

CVEs (1)

  • CVE-2025-13385MedNov 25, 2025
    risk 0.32cvss 4.9epss 0.00

    The Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress is vulnerable to time-based SQL Injection via the `filter[status]` parameter in all versions up to, and including, 4.2 due to insufficient escaping on the user supplied parameter and lack of…