WP-Safety

Appointment, Reservation and Rental Booking for Woocommerce Security & Risk Analysis

wordpress.org/plugins/appointment-reservation-and-rental-booking-for-woocommerce

It is a plugin which allows you to manage your online appointment, reservation and rental bookings.

90 active installs v3.0 PHP + WP 4.0+ Updated Dec 28, 2020
appointmentbookingphoeniixxreservationwoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Appointment, Reservation and Rental Booking for Woocommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Appointment, Reservation and Rental Booking for Woocommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The plugin "appointment-reservation-and-rental-booking-for-woocommerce" exhibits a concerning security posture due to its unprotected AJAX endpoints. While the plugin demonstrates good practices by using prepared statements for all SQL queries and not performing file operations or external HTTP requests, the lack of authentication checks on two AJAX handlers presents a significant attack vector. The static analysis also reveals that over half of the output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is involved in these outputs. The absence of known vulnerabilities in its history is a positive sign, suggesting either diligent security practices or a lack of past exploitation. However, the identified code-level weaknesses, particularly the unprotected entry points and unescaped output, create potential risks that require immediate attention. The plugin's strengths lie in its clean SQL handling and lack of external dependencies, but these are overshadowed by the critical security flaws in its user-facing interfaces.

Key Concerns

  • AJAX handlers without auth checks
  • High percentage of unescaped output
Vulnerabilities
None known

Appointment, Reservation and Rental Booking for Woocommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Appointment, Reservation and Rental Booking for Woocommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
49
62 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

56% escaped111 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
phoen_arbpw_calander_on_product_show (phoen_date.php:278)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Appointment, Reservation and Rental Booking for Woocommerce Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_phoen_arbpw_data_to_display_on_productphoen_date.php:274
noprivwp_ajax_phoen_arbpw_data_to_display_on_productphoen_date.php:276
WordPress Hooks 23
actionwoocommerce_process_product_metaincludes\phoeniixx_arbpw_product.php:529
actionwoocommerce_product_data_panelsincludes\phoeniixx_arbpw_product.php:531
actionwoocommerce_single_product_summaryphoen_date.php:44
actionadmin_headphoen_date.php:69
filterwoocommerce_is_purchasablephoen_date.php:147
actionadmin_menuphoen_date.php:244
actionwp_enqueue_scriptsphoen_date.php:246
filterwoocommerce_product_add_to_cart_textphoen_date.php:425
filterproduct_type_selectorphoen_date.php:1491
filterwoocommerce_product_data_tabsphoen_date.php:1498
actionproduct_type_optionsphoen_date.php:1500
actionplugins_loadedphoen_date.php:1509
filterwoocommerce_get_price_htmlphoen_date.php:1553
actionwoocommerce_before_calculate_totalsphoen_date.php:1556
filterwoocommerce_get_item_dataphoen_date.php:1559
filterwoocommerce_add_cart_item_dataphoen_date.php:1562
filterwoocommerce_add_cart_itemphoen_date.php:1565
filterwoocommerce_get_cart_item_from_sessionphoen_date.php:1568
actionwoocommerce_before_add_to_cart_buttonphoen_date.php:1571
filterwoocommerce_add_to_cart_validationphoen_date.php:1574
actionwoocommerce_add_order_item_metaphoen_date.php:1577
actionadmin_noticesphoen_date.php:1583
actionadmin_initphoen_date.php:1596
Maintenance & Trust

Appointment, Reservation and Rental Booking for Woocommerce Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17
Last updatedDec 28, 2020
PHP min version
Downloads19K

Community Trust

Rating66/100
Number of ratings7
Active installs90
Alternatives

Appointment, Reservation and Rental Booking for Woocommerce Alternatives

Easy Booking – WooCommerce Booking & Reservation Plugin

Easy Booking – WooCommerce Booking & Reservation Plugin

woocommerce-easy-booking-system

A
100

A simple and flexible WooCommerce booking & reservation plugin to manage dates, availability and pricing on your products.

5K No CVEs
Easy Booking Calendar for WooCommerce

Easy Booking Calendar for WooCommerce

easy-booking-calendar

A
100

Turn any product into a bookable item with an easy-to-use calendar. Supports date ranges, automatic price calculations, and prevents double bookings.

40 No CVEs
SimplyBook.me – Booking and reservations calendar

SimplyBook.me – Booking and reservations calendar

simplybook

A
100

Simply add a booking calendar to your site to schedule bookings, reservations, appointments and to collect payments.

20K No CVEs
Booking Package

Booking Package

booking-package

A
92

Booking Package is the simplest solution for integrating an online appointment booking calendar system and event calendar into your WordPress website.

10K 6 CVEs
Easy Appointments

Easy Appointments

easy-appointments

A
96

Add Booking system to your WordPress site and manage Appointments with ease. Extremely flexible time management and custom email notifications.

10K 7 CVEs
Developer Profile

Appointment, Reservation and Rental Booking for Woocommerce Developer Profile

Phoeniixx

25 plugins · 5K total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Appointment, Reservation and Rental Booking for Woocommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/css/default.css/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/css/select2.css/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/css/datetimepicker.css/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/js/moment.min.js/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/js/fullcalendar.min.js/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/js/datetimepicker.js/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/js/select2.js/wp-content/plugins/appointment-reservation-and-rental-booking-for-woocommerce/assets/js/picker.js+4 more
Version Parameters
appointment-reservation-and-rental-booking-for-woocommerce/assets/css/default.css?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/css/select2.css?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/css/datetimepicker.css?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/moment.min.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/fullcalendar.min.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/datetimepicker.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/select2.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/picker.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/js/picker.time.js?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/css/default.time.css?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/css/fullcalendar.min.css?ver=appointment-reservation-and-rental-booking-for-woocommerce/assets/css/phoen_backend_add.css?ver=

HTML / DOM Fingerprints

CSS Classes
phoen_card_cartphoen_add_tocartbookable_add_to_cart_buttonnav-tab-active
Data Attributes
value="add-to-cart"
JS Globals
PHOEN_ARBPRPLUGURLPHOEN_ARBPRPLUGPATH
Shortcode Output
<h2 class="nav-tab-wrapper woo-nav-tab-wrapper">
FAQ

Frequently Asked Questions about Appointment, Reservation and Rental Booking for Woocommerce