Charter Booker Security & Risk Analysis

wordpress.org/plugins/charter-booker

Charter Booker helps fishing and boat charter operators accept online bookings, manage schedules, and turn website visits into confirmed trips.

0 active installs · v1.1.2 · PHP 7.4+ · WP 6.0+ · Updated: Unknown
Tags: boats, charter-booking, fishing, payments, trips
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Charter Booker Safe to Use in 2026?

Generally Safe

Score 100/100

Charter Booker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "charter-booker" plugin v1.1.2 exhibits a generally good security posture with several strengths. The code largely adheres to secure development practices, evidenced by 100% of SQL queries using prepared statements and a high rate of output escaping (97%). The absence of dangerous functions, file operations, and external HTTP requests is also a positive sign. Furthermore, the plugin has no recorded vulnerability history, suggesting a track record of stability and security.

However, there are specific areas of concern that warrant attention. The plugin exposes one unprotected entry point among its total of six: a REST API route registered without a permission callback. This unprotected route represents a potential avenue for unauthorized access or manipulation if not properly secured by the calling application. Additionally, the taint analysis revealed six flows with unsanitized paths, although none reached critical or high severity in this analysis. These unsanitized paths, even without immediate exploitable vulnerabilities, indicate potential weaknesses that could be exploited in conjunction with other factors or in future plugin versions.

In conclusion, "charter-booker" v1.1.2 is a relatively secure plugin with a strong foundation in secure coding practices. The primary risk lies in the unprotected REST API route, which should be prioritized for immediate remediation. The presence of unsanitized paths in the taint analysis, while not critical, suggests a need for ongoing code review and potential hardening to prevent future vulnerabilities. The lack of historical vulnerabilities is a strong positive indicator of its overall reliability.

Key Concerns

  • REST API route without permission callback
  • Flows with unsanitized paths detected
Vulnerabilities
None known

Charter Booker Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Charter Booker Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 13 (371 escaped)
Nonce Checks: 9
Capability Checks: 19
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

Output Escaping

97% escaped, 384 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

9 flows, 6 with unsanitized paths
chbk_render_captains_page (includes\admin.php:302)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
1 unprotected

Charter Booker Attack Surface

Entry Points: 6
Unprotected: 1

AJAX Handlers 1

auth  wp_ajax_chbk_update_booking_status  includes\admin.php:22

REST API Routes 3

GET  /wp-json/chbk/v1/trips  includes\rest.php:14
GET  /wp-json/chbk/v1/trips/(?P<id>\d+)/availability  includes\rest.php:20
GET  /wp-json/chbk/v1/bookings/(?P<id>\d+)  includes\rest.php:39

Shortcodes 2

[chbk_trip_search] includes\frontend.php:9
[chbk_booking_form] includes\frontend.php:10
WordPress Hooks 23

action  plugins_loaded  charter-booker.php:65
action  admin_menu  includes\admin.php:11
action  admin_init  includes\admin.php:12
action  admin_notices  includes\admin.php:13
action  admin_notices  includes\admin.php:14
action  save_post_chbk_trip  includes\admin.php:15
filter  post_row_actions  includes\admin.php:16
action  admin_action_chbk_clone_trip  includes\admin.php:17
action  admin_post_chbk_resend_booking_email  includes\admin.php:18
action  admin_post_chbk_record_booking_payment  includes\admin.php:19
action  admin_post_chbk_update_booking_payment  includes\admin.php:20
action  admin_post_chbk_delete_booking_payment  includes\admin.php:21
action  admin_enqueue_scripts  includes\assets.php:7
action  wp_enqueue_scripts  includes\assets.php:8
action  init  includes\cpt.php:7
filter  use_block_editor_for_post_type  includes\cpt.php:8
action  chbk_booking_created  includes\emails.php:7
filter  the_content  includes\frontend.php:11
filter  allowed_redirect_hosts  includes\frontend.php:459
action  add_meta_boxes  includes\meta.php:100
action  save_post  includes\meta.php:887
action  rest_api_init  includes\rest.php:9
action  update_option_chbk_settings  includes\settings.php:15
Maintenance & Trust

Charter Booker Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Unknown
PHP min version: 7.4
Downloads: 144

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Charter Booker Developer Profile

mdburnette

6 plugins · 2K total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Charter Booker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/charter-booker/assets/js/datepicker.js
/wp-content/plugins/charter-booker/assets/css/datepicker.css
/wp-content/plugins/charter-booker/assets/css/admin-ui.css
/wp-content/plugins/charter-booker/assets/css/frontend-ui.css
Script Paths
/wp-content/plugins/charter-booker/assets/js/datepicker.js
Version Parameters
charter-booker/assets/js/datepicker.js?ver=
charter-booker/assets/css/datepicker.css?ver=
charter-booker/assets/css/admin-ui.css?ver=
charter-booker/assets/css/frontend-ui.css?ver=

HTML / DOM Fingerprints

CSS Classes
chbk-trip-listings
chbk-booking-shell
Data Attributes
chbk_captain
chbk_boat
chbk_trip
chbk_booking
Shortcode Output
[chbk_trip_search]
[chbk_booking_form]