{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T20:17:53.006","vulnerabilities":[{"cve":{"id":"CVE-2026-1537","sourceIdentifier":"security@wordfence.com","published":"2026-02-12T04:15:47.413","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_step() function in all versions up to, and including, 5.2.6. This makes it possible for unauthenticated attackers to view booking information including customer names, email addresses, phone numbers, appointment times, and service details."},{"lang":"es","value":"El plugin LatePoint – Calendar Booking Plugin for Appointments and Events para WordPress es vulnerable al acceso no autorizado de datos debido a una falta de verificación de capacidad en la función load_step() en todas las versiones hasta la 5.2.6, inclusive. Esto hace posible que atacantes no autenticados vean información de reservas, incluyendo nombres de clientes, direcciones de correo electrónico, números de teléfono, horas de citas y detalles del servicio."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/latepoint/tags/5.2.5/lib/helpers/steps_helper.php#L231","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/latepoint/tags/5.2.5/lib/models/model.php#L562","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c18ad885-52a8-467b-83f2-aeb0c8be8be0?source=cve","source":"security@wordfence.com"}]}}]}