Does BookItIn have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is BookItIn compatible with WordPress 6.9.4?

According to WordPress.org data, BookItIn 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is BookItIn compatible with PHP 8.0+?

BookItIn requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BookItIn updated?

BookItIn was last updated on Apr 4, 2026. Frequent updates are generally a positive security signal.

What is BookItIn's security score?

BookItIn has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BookItIn Security & Risk Analysis

wordpress.org/plugins/bookitin

Integrate BookItIn appointment booking into your WordPress site. Embed booking calendars and let clients book directly on your website.

0 active installs v1.0.0 PHP 8.0+ WP 6.0+ Updated Apr 4, 2026

appointmentsbookingcalendarreservationsscheduling

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BookItIn Safe to Use in 2026?

Generally Safe

Score 100/100

BookItIn has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The Bookitin plugin v1.0.0 exhibits a generally strong security posture based on the provided static analysis. It demonstrates good development practices by exclusively using prepared statements for all SQL queries and properly escaping all output. Furthermore, there are no recorded vulnerabilities or CVEs associated with this plugin, suggesting a history of secure development. The plugin also has a very small attack surface, with only one shortcode and no AJAX handlers, REST API routes, or cron events, minimizing potential entry points for attackers. However, one concern arises from the taint analysis, which identified one flow with an unsanitized path. While this did not result in a critical or high severity finding, it indicates a potential weakness that should be investigated to ensure no sensitive data can be manipulated or exposed.

Key Concerns

Unsanitized path in taint flow

Vulnerabilities

None known

BookItIn Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

BookItIn Release Timeline

v1.0.0Current

Code Analysis

Analyzed Apr 16, 2026

BookItIn Code Analysis

Dangerous Functions

Raw SQL Queries

5 prepared

Unescaped Output

117 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared5 total queries

Output Escaping

100% escaped117 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

handle_callback (admin/class-bookitin-connect.php:107)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

BookItIn Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bookitin] includes/class-bookitin-shortcode.php:21

WordPress Hooks 13

actionrest_api_initincludes/class-bookitin-rest-api.php:29

actionadmin_enqueue_scriptsincludes/class-bookitin.php:47

actionadmin_enqueue_scriptsincludes/class-bookitin.php:48

actionadmin_menuincludes/class-bookitin.php:49

filterplugin_action_links_bookitin/bookitin.phpincludes/class-bookitin.php:50

actionadmin_initincludes/class-bookitin.php:53

actionadmin_initincludes/class-bookitin.php:56

actionadmin_post_bookitin_connectincludes/class-bookitin.php:57

actionadmin_post_bookitin_disconnectincludes/class-bookitin.php:58

actionadmin_initincludes/class-bookitin.php:60

actionwp_enqueue_scriptsincludes/class-bookitin.php:94

actionwp_enqueue_scriptsincludes/class-bookitin.php:95

actioninitincludes/class-bookitin.php:98

Maintenance & Trust

BookItIn Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 4, 2026

PHP min version8.0

Downloads64

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

BookItIn Alternatives

SimplyBook.me – Booking and reservations calendar

simplybook

100

Simply add a booking calendar to your site to schedule bookings, reservations, appointments and to collect payments.

20K No CVEs

SuperSaaS – online appointment scheduling

supersaas-appointment-scheduling

SuperSaaS is a flexible appointment scheduling system that works with many different businesses. The basic version is free.

1K 2 CVEs

Reservation.Studio widget

reservation-studio-widget

Reservation.Studio WordPress booking widget

10 2 CVEs

LatePoint – Calendar Booking Plugin for Appointments and Events

latepoint

Optimize your appointment scheduling with our plugin. Sync calendars, automate reminders, and keep your bookings organized.

100K 2 unpatched

Pinpoint Booking System – Version 2

booking-system

Book anything, anytime, anywhere.

3K 1 unpatched

Developer Profile

BookItIn Developer Profile

babrisoftware

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BookItIn

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bookitin/admin/css/bookitin-admin.css/wp-content/plugins/bookitin/admin/js/bookitin-admin.js

Script Paths

/wp-content/plugins/bookitin/admin/js/bookitin-admin.js

Version Parameters

bookitin-admin.css?ver=bookitin-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

bookitin

Data Attributes

data-bookitin-widget

JS Globals