Medium 6.1
2026-05-01< 5.1.8
CVE-2024-13362
Advanced Booking & Appointment System – Webba Booking Calendar
Minimum safe version
6.2.2
Update to 6.2.2 or later to address 13 fixable vulnerabilities
Latest available6.4.6 ✓
Medium 4.3
2025-12-15< 6.2.2
Webba Booking <= 6.2.1 - Missing Authorization
Medium 5.9
2025-08-14< 6.0.6
CVE-2025-54729
Medium 6.5
2025-08-20< 5.1.22
CVE-2025-54040
Medium 4.3
2025-07-16< 5.1.21
CVE-2025-54036
Medium 6.3
2024-10-16< 4.2.18
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 4.3
2024-09-24< 5.0.50
CVE-2024-8432
Medium 4.3
2024-12-26< 5.0
WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF)
N/A
2023-07-18< 4.5.31
WordPress Webba Booking Plugin < 4.5.31 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-03-04< 4.2.18
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 4.8
2023-04-15< 4.2.22
WordPress Webba Booking Plugin <= 4.2.21 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-02-28< 4.2.18
WordPress Webba Booking plugin < 4.2.18 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 4.2.18
WordPress Webba Booking plugin < 4.2.18 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability