CVE-2026-3045 | croixhaug Appointment Booking Calendar Plugin up to 1.6.9.29 on WordPress REST Endpoint embed-inner get_item authorization

Inserito da Angelo Barbosa | Mar 13, 2026 | CVE

A vulnerability identified as problematic has been detected in croixhaug Appointment Booking Calendar Plugin up to 1.6.9.29 on WordPress. This impacts the function get_item of the file /wp-json/ssa/v1/embed-inner of the component REST Endpoint. This manipulation causes missing authorization.

This vulnerability is handled as CVE-2026-3045. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-3045 | croixhaug Appointment Booking Calendar Plugin up to 1.6.9.29 on WordPress REST Endpoint embed-inner get_item authorization

Post correlati

CVE-2025-14336 | itsourcecode Student Management System 1.0 /promote.php sy sql injection

CVE-2024-27774 | Unitronics Unistream Unilogic prior 1.35.227 hard-coded password

CVE-2025-1606 | SourceCodester Best Employee Management System 1.0 backups.php information disclosure

CVE-2025-55125 | Veeam Backup & Replication up to 13.0.1.180 Backup Configuration File privilege escalation (kb4792)