Known Vulnerabilities for Appointment Booking Calendar by Codepeople

Listed below are 8 of the newest known vulnerabilities associated with "Appointment Booking Calendar" by "Codepeople".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-25435	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Booking calend...	Not Provided	2026-03-25	2026-03-25
CVE-2025-46247	Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Accessing ...	Not Provided	2025-04-22	2026-04-01
CVE-2025-46241	Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allow...	Not Provided	2025-04-22	2026-04-01
CVE-2025-32310	Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress quickcal a...	Not Provided	2025-05-16	2026-04-01
CVE-2025-32299	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themovation QuickCal - Appointmen...	Not Provided	2025-05-16	2026-04-01
CVE-2020-9372	The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name)...	7.8 - HIGH	2020-03-04	2022-01-01
CVE-2020-9371	Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file,...	4.8 - MEDIUM	2020-03-04	2022-10-06
CVE-2019-14791	The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter...	6.1 - MEDIUM	2019-08-09	2019-08-14
CVE-2016-10916	The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-201...	9.8 - CRITICAL	2019-08-22	2019-08-26
CVE-2015-7320	Multiple cross-site scripting (XSS) vulnerabilities in cpabc_appointments_admin_int_bookings_list.inc.php in the Appointment ...	4.3 - MEDIUM	2015-09-29	2018-10-09

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Codepeople	Appointment Booking Calendar	1.3.35	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.25	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.24	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.23	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.22	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.21	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.20	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.19	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.18	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.17	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.16	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.15	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.14	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.13	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.12	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.11	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.10	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.09	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.08	All	All	All
Application	Codepeople	Appointment Booking Calendar	1.3.07	All	All	All

Results limited to 20 most recent known configurations