{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T06:11:51.397","vulnerabilities":[{"cve":{"id":"CVE-2025-11723","sourceIdentifier":"security@wordfence.com","published":"2026-01-06T04:15:52.400","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications."},{"lang":"es","value":"El plugin 'Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin' para WordPress es vulnerable a la Exposición de Información Sensible en todas las versiones hasta la 1.6.9.5, inclusive, a través de la función hash() debido al uso de una 'salt' de respaldo codificada de forma rígida. Esto hace posible que atacantes no autenticados generen un token válido en sitios que ejecutan el plugin que no han configurado manualmente una 'salt' en el archivo wp-config.PHP y accedan a la información de reservas que les permitirá realizar modificaciones."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-330"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3393919/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a5f3fbd2-6152-4a89-8fe9-982120d1a640?source=cve","source":"security@wordfence.com"}]}}]}