cleantalk
Vulnerabilities and Security Researches

Appointment & Event Booking Calendar Plugin – Webba Booking, CVE-2025-54036

CVE, Research URL

CVE-2025-54036

Home page URL

Security reports for Appointment & Event Booking Calendar Plugin – Webba Booking

Application

Appointment & Event Booking Calendar Plugin – Webba Booking

Published on
Jul 16, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows Cross Site Request Forgery. This issue affects Webba Booking: from n/a through 5.1.20.
Affected versions
Min -, max 5.1.21.
Status
vulnerable
Previous vulnerability researches
Razorpay Payment Button Elementor Plugin (CVE-2024-10850) , Nov 14, 2024
Razorpay Payment Button Plugin (CVE-2024-10851) , Nov 14, 2024
New vulnerability
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2025-53990) , Jul 20, 2025
WPshop 2 – E-Commerce (CVE-2015-10135) , Jul 20, 2025
Maya Business Plugin (CVE-2025-53208) , Jul 20, 2025
Ghost Kit – Page Builder Blocks & Extensions (CVE-2025-53567) , Jul 20, 2025
Master Addons for Elementor (CVE-2025-5284) , Jul 20, 2025