Update the WordPress Appointment Booking Calendar plugin to the latest available version (at least 1.3.70).
Lana Codes discovered and reported this Broken Access Control vulnerability in WordPress Appointment Booking Calendar Plugin. This vulnerability has been fixed in version 1.3.70.
CSV Injection vulnerability
12.03.2020
Authenticated Stored CrossSite Scripting (XSS) vulnerability
05.03.2020
Unauthenticated Stored CrossSite Scripting (XSS) vulnerability
07.07.2019
Multiple XSS
22.09.2015
SQL Injection
22.09.2015