{"id":75585,"date":"2026-01-06T06:51:38","date_gmt":"2026-01-06T03:21:38","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-11723-appointment-booking-calendar-simply-schedule-appointments-booking-plugin\/"},"modified":"2026-01-06T06:51:38","modified_gmt":"2026-01-06T03:21:38","slug":"cve-2025-11723-appointment-booking-calendar-simply-schedule-appointments-booking-plugin","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-11723-appointment-booking-calendar-simply-schedule-appointments-booking-plugin\/","title":{"rendered":"CVE-2025-11723 &#8211; Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin"},"content":{"rendered":"<p>CVE ID : CVE-2025-11723<\/p>\n<p>Published :  Jan. 6, 2026, 3:21 a.m. | 1\u00a0hour, 5\u00a0minutes ago<\/p>\n<p>Description : The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications.<\/p>\n<p>Severity: 0.0 | NA<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-11723 Published : Jan. 6, 2026, 3:21 a.m. | 1\u00a0hour, 5\u00a0minutes ago Description : The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-75585","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/75585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=75585"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/75585\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=75585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=75585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=75585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}