Does DocBooker – Doctor Appointment & Hospital Management have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is DocBooker – Doctor Appointment & Hospital Management compatible with WordPress 6.9.4?

According to WordPress.org data, DocBooker – Doctor Appointment & Hospital Management 1.7.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is DocBooker – Doctor Appointment & Hospital Management compatible with PHP 7.4+?

DocBooker – Doctor Appointment & Hospital Management requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is DocBooker – Doctor Appointment & Hospital Management's security score?

DocBooker – Doctor Appointment & Hospital Management has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DocBooker – Doctor Appointment & Hospital Management Security & Risk Analysis

wordpress.org/plugins/doc-booker

DocBooker simplifies hospital and clinic management, making it an essential tool for healthcare professionals and administrators.

80 active installs v1.7.4 PHP 7.4+ WP 5.5+ Updated Jan 28, 2026

appointmentbookingbooking-systemdoctorhospital-management

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is DocBooker – Doctor Appointment & Hospital Management Safe to Use in 2026?

Generally Safe

Score 100/100

DocBooker – Doctor Appointment & Hospital Management has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The doc-booker v1.7.4 plugin exhibits a generally strong security posture, with a significant majority of its code employing good security practices such as prepared statements for SQL queries and proper output escaping. The absence of dangerous functions, file operations, external HTTP requests, and any recorded vulnerabilities in its history are commendable strengths. Furthermore, the plugin demonstrates a good awareness of security by implementing nonce and capability checks on many of its entry points.

However, there are specific areas that present potential risks. The static analysis reveals a notable attack surface with three unprotected entry points: one AJAX handler and two REST API routes that lack permission callbacks. While no critical or high severity taint flows were identified, these unprotected endpoints could be susceptible to unauthorized access or manipulation if they handle user-supplied data without proper sanitization or authorization. The presence of these unprotected points, though few, is a concern that could be exploited by an attacker.

In conclusion, doc-booker v1.7.4 has a robust foundation of secure coding practices. Its lack of past vulnerabilities is a positive indicator. The primary weakness lies in the identified unprotected AJAX and REST API routes, which represent a direct avenue for potential exploitation. Addressing these specific entry points should be the priority for improving the plugin's overall security.

Key Concerns

AJAX handler without authentication check
REST API routes without permission callbacks (2)

Vulnerabilities

None known

DocBooker – Doctor Appointment & Hospital Management Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

DocBooker – Doctor Appointment & Hospital Management Release Timeline

v1.7.4Current

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

DocBooker – Doctor Appointment & Hospital Management Code Analysis

Dangerous Functions

Raw SQL Queries

17 prepared

Unescaped Output

426 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

68% prepared25 total queries

Output Escaping

96% escaped442 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

6 flows

save_wpddb_doctor_shortcode_post_meta (app\Controllers\Admin\PostMeta.php:264)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

DocBooker – Doctor Appointment & Hospital Management Attack Surface

Entry Points15

Unprotected3

AJAX Handlers 8

authwp_ajax_docbooker_dismiss_offer_admin_noticeapp\Controllers\Abstracts\Discount\Discount.php:198

authwp_ajax_wpddb_save_settingsapp\Controllers\AjaxControllers.php:17

authwp_ajax_wpd_booking_cancelapp\Controllers\AjaxControllers.php:18

authwp_ajax_wpd_delete_bookingapp\Controllers\AjaxControllers.php:19

authwp_ajax_wpddb_get_clinics_by_categoryapp\Controllers\AjaxControllers.php:22

noprivwp_ajax_wpddb_get_clinics_by_categoryapp\Controllers\AjaxControllers.php:23

authwp_ajax_wpddb_get_doctors_by_clinicapp\Controllers\AjaxControllers.php:25

noprivwp_ajax_wpddb_get_doctors_by_clinicapp\Controllers\AjaxControllers.php:26

REST API Routes 4

GET/wp-json/get-doctor/v1/departmentsapp\Controllers\Admin\Api\RestApi.php:53

GET/wp-json/get-doctor-by-departments/v1/(?P<id>\d+)app\Controllers\Admin\Api\RestApi.php:60

GET/wp-json/doctor-details-booking/v1/doctors/(?P<id>\d+)/scheduleapp\Controllers\Admin\Api\RestApi.php:67

POST/wp-json/doctor-details-booking/v1/bookingsapp\Controllers\Admin\Api\RestApi.php:74

Shortcodes 3

[wpddbdoctor] app\Controllers\Frontend\DocShortcode.php:21

[wpddbclinic] app\Controllers\Frontend\DocShortcode.php:22

[wpddb_doctor_booking_form] app\Controllers\Frontend\DocShortcode.php:23

WordPress Hooks 73

actionadmin_initapp\Controllers\Abstracts\Discount\Discount.php:25

actionadmin_enqueue_scriptsapp\Controllers\Abstracts\Discount\Discount.php:73

actionadmin_noticesapp\Controllers\Abstracts\Discount\Discount.php:80

actionadmin_footerapp\Controllers\Abstracts\Discount\Discount.php:173

actionin_admin_headerapp\Controllers\Admin\AdminInit.php:24

actionrest_api_initapp\Controllers\Admin\Api\RestApi.php:21

filterplugin_row_metaapp\Controllers\Admin\PluginRow.php:27

actionadd_meta_boxesapp\Controllers\Admin\PostMeta.php:18

actionsave_post_wpddb_doctorapp\Controllers\Admin\PostMeta.php:19

actionsave_post_wpddb_clinicapp\Controllers\Admin\PostMeta.php:20

actionsave_post_wpd_doctor_shortcodeapp\Controllers\Admin\PostMeta.php:21

actionsave_post_wpd_clinic_shortcodeapp\Controllers\Admin\PostMeta.php:22

filteruse_block_editor_for_post_typeapp\Controllers\Admin\PostMeta.php:23

actioninitapp\Controllers\Admin\RegisterPostType.php:14

actioninitapp\Controllers\Admin\RegisterPostType.php:15

filterrest_api_allowed_post_typesapp\Controllers\Admin\RegisterPostType.php:16

actionwpddb_flush_rewrite_rulesapp\Controllers\Admin\RegisterPostType.php:17

filtergutenberg_can_edit_post_typeapp\Controllers\Admin\RegisterPostType.php:18

filteruse_block_editor_for_post_typeapp\Controllers\Admin\RegisterPostType.php:19

actionedit_form_after_titleapp\Controllers\Admin\Shortcode\ShortcodeInit.php:17

actionedit_form_after_titleapp\Controllers\Admin\Shortcode\ShortcodeInit.php:22

actionadmin_menuapp\Controllers\Admin\SubMenu.php:13

actioninitapp\Controllers\BookingManagement.php:12

actionwpddb_doctor_scheduleapp\Controllers\Hooks\ActionHooks.php:20

actionwpddb_doctor_info_metaapp\Controllers\Hooks\ActionHooks.php:21

actionwpddb_clinic_after_titleapp\Controllers\Hooks\ActionHooks.php:22

actionwpddb_clinic_after_contentapp\Controllers\Hooks\ActionHooks.php:23

actionwpddb_doctor_details_bookingapp\Controllers\Hooks\ActionHooks.php:25

actionwpddb_doctor_shortcode_after_titleapp\Controllers\Hooks\ActionHooks.php:27

actionwpddb_doctor_shortcode_before_titleapp\Controllers\Hooks\ActionHooks.php:28

actionwpddb_clinic_shortcode_contentapp\Controllers\Hooks\ActionHooks.php:30

actionwpddb_clinic_shortcode_map_btnapp\Controllers\Hooks\ActionHooks.php:31

actionwpddb_clinic_thumbnailapp\Controllers\Hooks\ActionHooks.php:32

actiontemplate_redirectapp\Controllers\Hooks\AfterSetupTheme.php:16

filterwp_kses_allowed_htmlapp\Controllers\Hooks\FilterHooks.php:13

filterdisplay_post_statesapp\Controllers\Hooks\FilterHooks.php:14

filterbody_classapp\Controllers\Hooks\TemplateHooks.php:16

actionwpddb_before_main_content_wrapperapp\Controllers\Hooks\TemplateHooks.php:17

actionwpddb_before_main_contentapp\Controllers\Hooks\TemplateHooks.php:18

actionwpddb_after_main_contentapp\Controllers\Hooks\TemplateHooks.php:19

actionwpddb_after_main_content_wrapperapp\Controllers\Hooks\TemplateHooks.php:20

actionwpddb_doctor_loop_item_startapp\Controllers\Hooks\TemplateHooks.php:23

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:27

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:28

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:29

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:30

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:31

actionwpddb_doctor_loop_itemapp\Controllers\Hooks\TemplateHooks.php:32

actionwpddb_doctor_loop_item_after_contentapp\Controllers\Hooks\TemplateHooks.php:33

actionwpddb_clinic_loop_item_startapp\Controllers\Hooks\TemplateHooks.php:36

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:39

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:40

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:41

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:42

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:43

actionwpddb_clinic_loop_itemapp\Controllers\Hooks\TemplateHooks.php:44

actionwpddb_clinic_loop_item_after_contentapp\Controllers\Hooks\TemplateHooks.php:45

filtertemplate_includeapp\Controllers\Hooks\TemplateLoader.php:23

actionpre_get_postsapp\Controllers\Model\QueryBuilder.php:10

filterimage_resize_dimensionsapp\Controllers\Model\ThumbnailSizeGenerator.php:49

actionadmin_enqueue_scriptsapp\Controllers\ScriptsController.php:38

actionwp_enqueue_scriptsapp\Controllers\ScriptsController.php:43

actionwp_footerapp\Controllers\ScriptsController.php:45

filterastra_dynamic_post_structure_posttypesapp\Controllers\ThemesSupport\Astra\ThemeSupport.php:19

filterastra_blog_post_per_page_exclusionsapp\Controllers\ThemesSupport\Astra\ThemeSupport.php:20

actionplugins_loadedapp\DocBooker.php:47

actionafter_setup_themeapp\DocBooker.php:48

actioninitapp\DocBooker.php:49

actioninitapp\DocBooker.php:50

actionwidgets_initapp\Widgets\Widgets.php:17

actionwidgets_initapp\Widgets\Widgets.php:18

actioninitapp\Widgets\Widgets.php:19

filterelementor/widgets/wordpress/widget_argsapp\Widgets\Widgets.php:70

Maintenance & Trust

DocBooker – Doctor Appointment & Hospital Management Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 28, 2026

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs80

Alternatives

DocBooker – Doctor Appointment & Hospital Management Alternatives

Krishnadas Hospital Appointments & Clinic Manager

krishnadas-hospital-appointments-clinic-manager

100

Doctor appointment booking plugin with doctor registration, appointment management, and admin approval.

0 No CVEs

Booking for Appointments and Events Calendar – Amelia

ameliabooking

Amelia is a powerful booking plugin for appointments and events. Manage scheduling, calendars, and availability with an all-in-one booking system.

90K 30 CVEs

Online Scheduling and Appointment Booking System – Bookly

bookly-responsive-appointment-booking-tool

Appointment booking system for WordPress — schedule appointments, manage calendars, send reminders, take payments. Start booking today!

70K 10 CVEs

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin

simply-schedule-appointments

Unlimited appointments, booking calendars, and notifications. Powerful appointment booking plugin and booking system. Start scheduling for free today!

60K 27 CVEs

Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution

fluent-booking

The ultimate solution for booking appointments, meetings, webinars, events, sales calls, and more.

20K 3 CVEs

Developer Profile

DocBooker – Doctor Appointment & Hospital Management Developer Profile

WP Dreamers

2 plugins · 180 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect DocBooker – Doctor Appointment & Hospital Management

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/doc-booker/assets/admin/img/doctime-logo-96x96.png

HTML / DOM Fingerprints

CSS Classes

docbooker-offer-notice

Data Attributes

data-docbookerdismissable

JS Globals

docbooker__notice

FAQ