VYPR

GetBookingsWP

by istmoplugins

CVEs (2)

  • CVE-2024-13677HigFeb 18, 2025
    risk 0.57cvss 8.8epss 0.00

    The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to…

  • CVE-2025-31896MedApr 3, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in istmoplugins GetBookingsWP get-bookings-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetBookingsWP: from n/a through <= 1.1.27.