cleantalk
Vulnerabilities and Security Researches

Appointment & Event Booking Calendar Plugin – Webba Booking, CVE-2025-54036

CVE, Research URL

CVE-2025-54036

Home page URL

Security reports for Appointment & Event Booking Calendar Plugin – Webba Booking

Application

Appointment & Event Booking Calendar Plugin – Webba Booking

Published on
Jul 16, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows Cross Site Request Forgery. This issue affects Webba Booking: from n/a through 5.1.20.
Affected versions
Min -, max 5.1.21.
Status
vulnerable
Previous vulnerability researches
WPComplete (CVE-2022-45825) , Jun 07, 2024
WPComplete (CVE-2025-50046) , Jul 02, 2025
New vulnerability
Master Addons for Elementor (CVE-2025-5284) , Jul 20, 2025
Attachment Manager (CVE-2025-7643) , Jul 19, 2025
B1.lt (CVE-2025-6718) , Jul 19, 2025
B1.lt (CVE-2025-6717) , Jul 19, 2025
Widget for Google Reviews (CVE-2025-53565) , Jul 19, 2025