First published: Tue Apr 22 2025(Updated: )
Missing Authorization vulnerability in codepeople Appointment Booking Calendar allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Appointment Booking Calendar: from n/a through 1.3.92.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress Appointment Booking Calendar | >n/a<=1.3.92 | |
WordPress Appointment Booking Calendar | <=1.3.92 |
Update the WordPress Appointment Booking Calendar plugin to the latest available version (at least 1.3.93).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-46247 has been classified as a high severity vulnerability due to its potential for unauthorized access.
To fix CVE-2025-46247, update the Codepeople Appointment Booking Calendar plugin to the latest version beyond 1.3.92.
CVE-2025-46247 affects all versions of the Codepeople Appointment Booking Calendar plugin from n/a through 1.3.92.
CVE-2025-46247 is a missing authorization vulnerability that allows improper access to certain functionalities.
CVE-2025-46247 allows accessing functionality not properly constrained by access control lists (ACLs).