Does Appointment scheduling and Booking Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in Appointment scheduling and Booking Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Appointment scheduling and Booking Manager compatible with WordPress 4.6.30?

According to WordPress.org data, Appointment scheduling and Booking Manager 1.0 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Appointment scheduling and Booking Manager updated?

Appointment scheduling and Booking Manager was last updated on Oct 24, 2016. Frequent updates are generally a positive security signal.

What is Appointment scheduling and Booking Manager's security score?

Appointment scheduling and Booking Manager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Appointment scheduling and Booking Manager Security & Risk Analysis

Name: Appointment scheduling and Booking Manager
Rating: 2.3 (4 reviews)

wordpress.org/plugins/appointment-scheduling-and-booking-manager

Offer self-service online appointment scheduling by BuddyPress Members, and get more appointments in less time.

20 active installs v1.0 PHP + WP 4.0+ Updated Oct 24, 2016

appointment-bookingappointment-schedulingbooking-calendaronline-appointment-schedulingonline-booking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Appointment scheduling and Booking Manager Safe to Use in 2026?

Generally Safe

Score 85/100

Appointment scheduling and Booking Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "appointment-scheduling-and-booking-manager" v1.0 plugin exhibits a mixed security posture. While it demonstrates good practices in its SQL query handling, utilizing prepared statements for all queries and having no recorded vulnerability history, there are significant concerns regarding its attack surface and code security signals. The plugin exposes 14 AJAX handlers, a substantial 12 of which lack any authentication checks. This presents a broad entry point for attackers to potentially interact with sensitive functionality without proper authorization. Furthermore, the presence of "popen" in the code signals a potential for command injection vulnerabilities if user-supplied data is not rigorously sanitized before being passed to this function. The limited taint analysis does not show critical flows, but the raw potential for misuse remains.

Key Concerns

Many AJAX handlers lack authentication
Use of dangerous function 'popen'
Bundled outdated library PHPMailer v5.2.16
Lower percentage of properly escaped outputs
Limited nonce checks

Vulnerabilities

None known

Appointment scheduling and Booking Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Appointment scheduling and Booking Manager Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

80 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

popenif (!@$mail = popen($sendmail, 'w')) {includes\PHPMailer\class.phpmailer.php:1348

popenif (!@$mail = popen($sendmail, 'w')) {includes\PHPMailer\class.phpmailer.php:1369

Bundled Libraries

PHPMailer5.2.16

SQL Query Safety

100% prepared11 total queries

Output Escaping

69% escaped116 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<eav_networks_admin> (includes\eav_networks_admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

Appointment scheduling and Booking Manager Attack Surface

Entry Points14

Unprotected12

AJAX Handlers 14

noprivwp_ajax_um_cbincludes\ajax_handler.php:8

authwp_ajax_um_cbincludes\ajax_handler.php:9

noprivwp_ajax_eav_cbincludes\ajax_handler.php:17

authwp_ajax_eav_cbincludes\ajax_handler.php:18

noprivwp_ajax_eav_schedincludes\ajax_handler.php:29

authwp_ajax_eav_schedincludes\ajax_handler.php:30

noprivwp_ajax_eav_nonschedincludes\ajax_handler.php:41

authwp_ajax_eav_nonschedincludes\ajax_handler.php:42

noprivwp_ajax_ajax_actincludes\ajax_handler.php:49

authwp_ajax_ajax_actincludes\ajax_handler.php:50

noprivwp_ajax_ajax_act_no_payincludes\ajax_handler.php:56

authwp_ajax_ajax_act_no_payincludes\ajax_handler.php:57

authwp_ajax_ajax_setting_actincludes\ajax_handler.php:80

authwp_ajax_ajax_setting_actincludes\ajax_handler.php:81

WordPress Hooks 8

actioniniteav_networks.php:82

actionadmin_menueav_networks.php:100

actionbp_loadedeav_networks.php:188

actionbp_loadedeav_networks.php:192

actionbp_includeeav_networks.php:417

actioninitincludes\eav_networks-loader.php:50

filterbp_profile_header_metaincludes\eav_networks_menu.php:27

actionwp_enqueue_scriptsincludes\eav_networks_script.php:15

Maintenance & Trust

Appointment scheduling and Booking Manager Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedOct 24, 2016

PHP min version

Downloads5K

Community Trust

Rating46/100

Number of ratings4

Active installs20

Alternatives

Appointment scheduling and Booking Manager Alternatives

Appointment Bookings for Zoom GoogleMeet and more – Wappointment

wappointment

Get clients to quickly book a meeting with you by Zoom, GoogleMeet, phone or at your office

2K 1 unpatched

Cal.com

cal-com

Embed Cal.com booking calendar in WordPress.

1K 1 unpatched

Booktics – Booking Calendar for Appointments and Service Businesses

booktics

Professional booking system for businesses, offering booking calendars, appointments, reservations, service scheduling, and payments.

600 2 CVEs

Ultimate Appointment Booking & Scheduling

ultimate-appointment-scheduling

100

Appointment booking calendar and scheduling plugin that lets you set up different services, service providers, locations and availability

90 1 CVE

3veta Booking Page for WordPress

3veta

3veta Booking Page for WordPress allows you to embed your 3veta booking page to your WordPress website in a simple and easy way.

10 No CVEs

Developer Profile

Appointment scheduling and Booking Manager Developer Profile

parasagarwal

1 plugin · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Appointment scheduling and Booking Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/appointment-scheduling-and-booking-manager/includes/css/eav_networks_admin.css/wp-content/plugins/appointment-scheduling-and-booking-manager/includes/js/eav_networks_admin.js/wp-content/plugins/appointment-scheduling-and-booking-manager/includes/js/eav_networks_frontend.js

Script Paths

/wp-content/plugins/appointment-scheduling-and-booking-manager/includes/js/eav_networks_frontend.js

HTML / DOM Fingerprints

CSS Classes

eav_networks_admin_heading

HTML Comments

Data Attributes

data-option-name="eav_networks_booking_settings"

JS Globals

eav_networks_ajax_object

FAQ

Appointment scheduling and Booking Manager Security & Risk Analysis

Is Appointment scheduling and Booking Manager Safe to Use in 2026?

Generally Safe

Key Concerns

Appointment scheduling and Booking Manager Security Vulnerabilities

Appointment scheduling and Booking Manager Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Appointment scheduling and Booking Manager Attack Surface

AJAX Handlers 14

Appointment scheduling and Booking Manager Maintenance & Trust

Maintenance Signals

Community Trust

Appointment scheduling and Booking Manager Alternatives

Appointment Bookings for Zoom GoogleMeet and more – Wappointment

Cal.com

Booktics – Booking Calendar for Appointments and Service Businesses

Ultimate Appointment Booking & Scheduling

3veta Booking Page for WordPress

Appointment scheduling and Booking Manager Developer Profile

How We Detect Appointment scheduling and Booking Manager

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Appointment scheduling and Booking Manager