Advanced Appointment Booking & Scheduling Security & Risk Analysis

wordpress.org/plugins/advanced-appointment-booking-scheduling

Advanced Appointment Booking & Scheduling: Effortlessly manage appointments with a simple, user-friendly scheduling system.

3K active installs · v2.1 · PHP 7.2+ · WP 5.2+ · Updated Jan 9, 2026
Tags: appointment-booking, appointments, booking, booking-system, scheduling
78
B · Generally Safe
CVEs total: 1
Unpatched: 1
Last CVE: Sep 22, 2025
Safety Verdict

Is Advanced Appointment Booking & Scheduling Safe to Use in 2026?

Mostly Safe

Score 78/100

Advanced Appointment Booking & Scheduling is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Sep 22, 2025 · Updated 2mo ago
Risk Assessment

The "advanced-appointment-booking-scheduling" plugin v2.1 demonstrates generally good security practices with a high percentage of prepared statements for SQL queries and properly escaped output. The static analysis shows a limited attack surface with no unprotected AJAX handlers or REST API routes, and a reasonable number of nonces and capability checks. However, the presence of two taint flows with unsanitized paths, categorized as high severity, is a significant concern. These flows could potentially lead to vulnerabilities if not properly addressed, even though no critical or high severity vulnerabilities are currently reported.

The plugin's vulnerability history, while limited, shows one known medium severity CVE related to CSRF. The fact that this CVE is currently unpatched is a critical issue that demands immediate attention. This history, coupled with the identified taint flows, suggests a potential for exploitable weaknesses in the plugin, particularly in how user-supplied data is handled. While the plugin has strengths in its adherence to secure coding practices for SQL and output, the unpatched CVE and high-severity taint flows represent concrete risks that lower its overall security posture.

Key Concerns

  • Unpatched medium CVE
  • High severity unsanitized taint flows
Vulnerabilities
1

Advanced Appointment Booking & Scheduling Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-57978 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

Advanced Appointment Booking & Scheduling <= 1.9 - Cross-Site Request Forgery

Sep 22, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Advanced Appointment Booking & Scheduling Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 14 (26 prepared)
  • Unescaped Output: 11 (177 escaped)
  • Nonce Checks: 10
  • Capability Checks: 1
  • File Operations: 1
  • External Requests: 1
  • Bundled Libraries: 0
0

SQL Query Safety

65% prepared · 40 total queries

Output Escaping

94% escaped · 188 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

4 flows · 2 with unsanitized paths
abp_handle_appointment_booking (includes\class-appointment-admin.php:210)
Attack Surface

Advanced Appointment Booking & Scheduling Attack Surface

Entry Points: 4
Unprotected: 0

Shortcodes 4

[appointment_login_form] includes\class-appointment-admin.php:106
[appointment_register_form] includes\class-appointment-admin.php:107
[abp_bookings_page] includes\class-appointment-admin.php:108
[book_appointment_form] includes\class-appointment-admin.php:109
WordPress Hooks 14
action plugins_loaded advanced-appointment-booking.php:120
action admin_enqueue_scripts advanced-appointment-booking.php:175
action wp_enqueue_scripts advanced-appointment-booking.php:210
action admin_notices advanced-appointment-booking.php:259
action admin_menu includes\class-appointment-admin.php:11
action init includes\class-appointment-admin.php:12
action admin_post_submit_appointment_booking includes\class-appointment-admin.php:13
action admin_post_nopriv_submit_appointment_booking includes\class-appointment-admin.php:14
action admin_head includes\class-appointment-admin.php:15
action admin_menu includes\class-appointment-admin.php:17
action init includes\class-appointment-admin.php:21
action admin_post_update_service includes\service-operations-handler.php:7
action admin_post_add_service includes\service-operations-handler.php:8
action admin_post_nopriv_add_service includes\service-operations-handler.php:9
Maintenance & Trust

Advanced Appointment Booking & Scheduling Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jan 9, 2026
PHP min version: 7.2
Downloads: 31K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 3K
Developer Profile

Advanced Appointment Booking & Scheduling Developer Profile

themespride

135 plugins · 17K total installs

Trust score: 79
Avg Security Score: 100/100
Avg Patch Time: 1759 days
Detection Fingerprints

How We Detect Advanced Appointment Booking & Scheduling

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/css/style.css
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/admin.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/css/abp-front.css
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/booking.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/css/flatpickr.min.css
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/flatpickr.min.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/lib/bootstrap.css
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/lib/bootstrap.js

Script Paths

  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/admin.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/booking.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/js/flatpickr.min.js
  • /wp-content/plugins/advanced-appointment-booking-scheduling/assets/lib/bootstrap.js

Version Parameters

  • advanced-appointment-booking-scheduling/assets/css/style.css?ver=
  • advanced-appointment-booking-scheduling/assets/css/abp-front.css?ver=
  • advanced-appointment-booking-scheduling/assets/js/booking.js?ver=
  • advanced-appointment-booking-scheduling/assets/css/flatpickr.min.css?ver=
  • advanced-appointment-booking-scheduling/assets/js/flatpickr.min.js?ver=
  • advanced-appointment-booking-scheduling/assets/lib/bootstrap.css?ver=
  • advanced-appointment-booking-scheduling/assets/lib/bootstrap.js?ver=

HTML / DOM Fingerprints

CSS Classes
abp-promo-admin-banner, abp-promo-banner-content-block, abp-promo-banner-content-inner, abp-promo-banner-content, abp-promo-banner-info, abp-flash-code
Data Attributes
appointment_login_form, appointment_register_form, book_appointment_form, abp_bookings_page
JS Globals
ABP_VERSION
Shortcode Output
[appointment_login_form], [appointment_register_form], [book_appointment_form], [abp_bookings_page]
FAQ

Frequently Asked Questions about Advanced Appointment Booking & Scheduling