{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T06:24:10.112","vulnerabilities":[{"cve":{"id":"CVE-2026-1708","sourceIdentifier":"security@wordfence.com","published":"2026-03-11T08:16:03.150","lastModified":"2026-03-11T13:52:47.683","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the `db_where_conditions` method in the `TD_DB_Model` class failing to prevent the `append_where_sql` parameter from being passed through JSON request bodies, while only checking for its presence in the `$_REQUEST` superglobal. This makes it possible for unauthenticated attackers to append arbitrary SQL commands to queries and extract sensitive information from the database via the `append_where_sql` parameter in JSON payloads granted they have obtained a valid `public_token` that is inadvertently exposed during the booking flow."},{"lang":"es","value":"El plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin para WordPress es vulnerable a inyección SQL ciega en todas las versiones hasta, e incluyendo, la 1.6.9.27. Esto se debe a que el método 'db_where_conditions' en la clase 'TD_DB_Model' no evita que el parámetro 'append_where_sql' se pase a través de los cuerpos de las solicitudes JSON, mientras que solo verifica su presencia en la superglobal '$_REQUEST'. Esto hace posible que atacantes no autenticados añadan comandos SQL arbitrarios a las consultas y extraigan información sensible de la base de datos a través del parámetro 'append_where_sql' en las cargas útiles JSON, siempre que hayan obtenido un 'public_token' válido que se expone inadvertidamente durante el flujo de reserva."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.21/includes/class-appointment-model.php#L1340","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.21/includes/class-appointment-model.php#L1413","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.21/includes/lib/td-util/class-td-db-model.php#L1019","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.6.9.21/includes/lib/td-util/class-td-db-model.php#L1025","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/includes/class-appointment-model.php#L1340","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/includes/class-appointment-model.php#L1413","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/includes/lib/td-util/class-td-db-model.php#L1019","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/includes/lib/td-util/class-td-db-model.php#L1025","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3475885/simply-schedule-appointments/trunk/includes/lib/td-util/class-td-db-model.php","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/71642341-9fe0-44a9-88f3-70167dc6ca62?source=cve","source":"security@wordfence.com"}]}}]}