CVE-2026-1708

Published: Mar 11, 2026 Last Modified: Mar 11, 2026
Severity: HIGH (base score 7.5)
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none

Description


The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to the `db_where_conditions` method in the `TD_DB_Model` class failing to prevent the `append_where_sql` parameter from being passed through JSON request bodies, while only checking for its presence in the `$_REQUEST` superglobal. This makes it possible for unauthenticated attackers to append arbitrary SQL commands to queries and extract sensitive information from the database via the `append_where_sql` parameter in JSON payloads, provided they have obtained a valid `public_token` that is inadvertently exposed during the booking flow.

EPSS (Exploit Prediction Scoring System)

Predicts the probability of exploitation based on threat intelligence and on the characteristics of the vulnerability.

EPSS Score: 0.0012
Percentile: 0.3th

EPSS Score Trend (Last 6 Days): chart not reproduced in text.

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Status: Stable
Common Consequences
Security Scopes Affected: Confidentiality; Integrity; Availability; Authentication; Access Control
Potential Impacts: Execute Unauthorized Code Or Commands; Read Application Data; Gain Privileges Or Assume Identity; Bypass Protection Mechanism; Modify Application Data
Applicable Platforms
Languages: Not Language-Specific, SQL
Technologies: Database Server
References

https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/tags/1.…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/i…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/i…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/i…
https://plugins.trac.wordpress.org/browser/simply-schedule-appointments/trunk/i…
https://plugins.trac.wordpress.org/changeset/3475885/simply-schedule-appointmen…
https://www.wordfence.com/threat-intel/vulnerabilities/id/71642341-9fe0-44a9-88…