Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical1
High0
Medium2
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2026-04-01

CVE-2026-1797 - Truebooker Plugin

The Appointment Booking and Scheduler Plugin – Truebooker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 through views php files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed views php files via direct access.

PLUGIN Truebooker

CVE-2026-1797

MEDIUM CVSS 5.3 2026-03-31
Open Full Technical Breakdown
Threat Entry Updated 2024-09-11

CVE-2024-6924 - Truebooker Plugin

The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

PLUGIN Truebooker

CVE-2024-6924

CRITICAL CVSS 9.8 2024-09-08
Open Full Technical Breakdown
Threat Entry Updated 2024-09-11

CVE-2024-6925 - Truebooker Plugin

The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

PLUGIN Truebooker

CVE-2024-6925

MEDIUM CVSS 4.3 2024-09-08
Open Full Technical Breakdown
Scroll to top