Croixhaug Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
18 CVEs affecting Croixhaug Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin. Latest disclosed: 2026-05-28. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2341 | High | 8.8 | 2024-04-09 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in al… |
CVE-2024-2342 | High | 8.8 | 2024-04-09 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the customer_id paramete… |
CVE-2026-7797 | High | 7.5 | 2026-05-28 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'ap… |
CVE-2026-3658 | High | 7.5 | 2026-03-19 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'fields' parameter i… |
CVE-2026-3045 | High | 7.5 | 2026-03-13 | The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up… |
CVE-2026-1708 | High | 7.5 | 2026-03-11 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to… |
CVE-2025-12166 | High | 7.5 | 2026-01-14 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the `order` and `a… |
CVE-2025-1119 | High | 7.3 | 2025-03-13 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versi… |
CVE-2026-4807 | Medium | 6.5 | 2026-05-07 | The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.6.10.6. This is due to a flawed… |
CVE-2025-11723 | Medium | 6.5 | 2026-01-06 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all vers… |
CVE-2025-4667 | Medium | 6.4 | 2025-06-14 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin… |
CVE-2024-4288 | Medium | 6.4 | 2024-05-16 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’… |
CVE-2024-13431 | Medium | 6.1 | 2025-03-07 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the acc… |
CVE-2026-6937 | Medium | 5.3 | 2026-05-28 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Missing Authorization in all versions up t… |
CVE-2026-7493 | Medium | 5.3 | 2026-05-27 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, a… |
CVE-2025-13754 | Medium | 5.3 | 2025-12-19 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up… |
CVE-2026-1704 | Medium | 4.3 | 2026-03-13 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all ve… |
CVE-2024-1760 | Medium | 4.3 | 2024-03-06 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions… |