Stellarwp Bookit — Booking & Appointment Calendar
3 CVEs affecting Stellarwp Bookit — Booking & Appointment Calendar. Latest disclosed: 2025-11-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2834 | Critical | 9.8 | 2023-06-30 | The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the… |
CVE-2025-12633 | High | 7.5 | 2025-11-12 | The Booking Calendar | Appointment Booking | Bookit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check o… |
CVE-2022-4974 | Medium | 6.3 | 2024-10-16 | The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to… |