Booked

Vulnerabilities 5Slug booked

Minimum safe version

2.4.4

Update to 2.4.4 or later to address 4 fixable vulnerabilities

⚠ 1 vulnerability has no fix
Medium 6.7 Unfixed
2026-02-20≤ 3.0.0

WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

CVEWordfence
N/A
2020-02-29< 2.2.6

Booked <= 2.2.5 - Missing Authorization on AJAX Actions

Wordfence
N/A
< 2.2.6

Booked &lt; 2.2.6 - Broken Authentication to Export Users Data in CSV

WPScan
N/A
2020-02-28< 2.2.6

WordPress Booked premium plugin <= 2.2.5 - Broken Authentication vulnerability leading to Sensitive Information disclosure

Patchstack