WP-Safety

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Security & Risk Analysis

wordpress.org/plugins/simply-schedule-appointments

Unlimited appointments, booking calendars, and notifications. Powerful appointment booking plugin and booking system. Start scheduling for free today!

60K active installs v1.6.10.2 PHP 7.4+ WP 5.1+ Updated Mar 17, 2026
appointment-bookingappointmentsbookingbooking-systemscheduling
88
A · Safe
CVEs total22
Unpatched0
Last CVEMar 18, 2026
Plugin page Download
Safety Verdict

Is Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Safe to Use in 2026?

Generally Safe

Score 88/100

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin has a strong security track record. Known vulnerabilities have been patched promptly.

22 known CVEsLast CVE: Mar 18, 2026Updated 20d ago
Risk Assessment

The "simply-schedule-appointments" plugin version 1.6.10.0 exhibits a mixed security posture. While the static analysis shows a commendable effort in securing its entry points, with no unprotected AJAX handlers or REST API routes, and a high percentage of SQL queries using prepared statements, there are significant concerns regarding output escaping and a concerning vulnerability history. The fact that only 51% of outputs are properly escaped is a red flag, indicating a potential for cross-site scripting (XSS) vulnerabilities if user-controlled input is not handled meticulously in all output contexts. Furthermore, the plugin has a substantial history of known CVEs, with 7 high and 14 medium severity vulnerabilities previously identified. While there are currently no unpatched vulnerabilities, this past trend suggests a pattern of insecure coding practices that have historically led to critical security flaws across various categories including authorization bypass, code injection, OS command injection, SQL injection, and XSS. The plugin also utilizes the Guzzle bundled library, which, if outdated, could introduce further risks.

Despite the robust measures in securing entry points and database interactions, the significant number of past high and medium severity vulnerabilities across diverse exploit types, coupled with the low output escaping rate, presents a considerable risk. Users should be aware that while the current version might not have unpatched issues, the historical pattern and the identified output escaping weakness suggest a need for vigilance and prompt updates. The presence of 17 file operations and 16 external HTTP requests also represent potential attack vectors that, combined with insufficient output sanitization, could be exploited. The conclusion is that while the plugin has made strides in securing its interfaces, its past vulnerability record and current output escaping deficiencies warrant caution.

Key Concerns

  • Low output escaping rate
  • Numerous past high severity vulnerabilities
  • Numerous past medium severity vulnerabilities
  • Bundled library (Guzzle)
Vulnerabilities
22

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Security Vulnerabilities

CVEs by Year

2 CVEs in 2022
2022
1 CVE in 2023
2023
8 CVEs in 2024
2024
4 CVEs in 2025
2025
7 CVEs in 2026
2026
Patched Has unpatched

Severity Breakdown

High
8
Medium
14

22 total CVEs

CVE-2026-3658high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Appointment Booking Calendar <= 1.6.10.0 - Unauthenticated SQL Injection via 'fields' Parameter

Mar 18, 2026 Patched in 1.6.10.2 (1d)
CVE-2026-3045high · 7.5Missing Authorization

Appointment Booking Calendar <= 1.6.9.29 - Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API Endpoint

Mar 12, 2026 Patched in 1.6.10.0 (1d)
CVE-2026-1704medium · 4.3Authorization Bypass Through User-Controlled Key

Appointment Booking Calendar <= 1.6.9.29 - Insecure Direct Object Reference to Authenticated (Staff+) Sensitive Information Exposure

Mar 12, 2026 Patched in 1.6.10.0 (1d)
CVE-2026-1708high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Appointment Booking Calendar <= 1.6.9.27 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

Mar 10, 2026 Patched in 1.6.9.29 (1d)
CVE-2025-69315medium · 5.3Missing Authorization

Simply Schedule Appointments <= 1.6.9.15 - Missing Authorization

Jan 20, 2026 Patched in 1.6.9.17 (9d)
CVE-2025-12166high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Simply Schedule Appointments <= 1.6.9.9 - Unauthenticated SQL Injection via `order` and `append_where_sql` Parameters

Jan 14, 2026 Patched in 1.6.9.13 (1d)
CVE-2025-11723medium · 6.5Use of Insufficiently Random Values

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.5 - Unauthenticated Sensitive Information Exposure

Jan 5, 2026 Patched in 1.6.9.6 (1d)
CVE-2025-13754medium · 5.3Missing Authorization

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information Exposure

Dec 18, 2025 Patched in 1.6.9.17 (1d)
CVE-2025-4667medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simply Schedule Appointments <= 1.6.8.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

Jun 13, 2025 Patched in 1.6.8.32 (1d)
CVE-2025-1119high · 7.3Improper Control of Generation of Code ('Code Injection')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution

Mar 12, 2025 Patched in 1.6.8.7 (17d)
CVE-2024-13431medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.3 - Reflected Cross-Site Scripting

Mar 6, 2025 Patched in 1.6.8.5 (29d)
CVE-2024-7877medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Appointment Booking Calendar <= - Authenticated (Admin+) Stored Cross-Site Scripting via Notification Settings

Oct 15, 2024 Patched in 1.6.7.55 (1d)
CVE-2024-7876medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Appointment Booking Calendar <= 1.6.7.53 - Authenticated (Admin+) Stored Cross-Site Scripting via Appointment Settings

Oct 15, 2024 Patched in 1.6.7.55 (1d)
CVE-2024-7129high · 7.2Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.42 - Authenticated (Admin+) Remote Code Execution

Aug 23, 2024 Patched in 1.6.7.43 (43d)
CVE-2024-4288medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

May 15, 2024 Patched in 1.6.7.18 (1d)
CVE-2024-22311medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simply Schedule Appointments <= 1.6.6.20 - Reflected Cross-Site Scripting

Mar 26, 2024 Patched in 1.6.6.24 (7d)
CVE-2024-2342high · 8.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode

Mar 20, 2024 Patched in 1.6.7.9 (21d)
CVE-2024-2341high · 8.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection

Mar 20, 2024 Patched in 1.6.7.9 (21d)
CVE-2024-1760medium · 4.3Cross-Site Request Forgery (CSRF)

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset

Mar 5, 2024 Patched in 1.6.6.24 (1d)
CVE-2023-50851medium · 6.6Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Simply Schedule Appointments <= 1.6.5.27 - Authenticated(Administrator+) SQL Injection

Dec 21, 2023 Patched in 1.6.6.1 (33d)
CVE-2022-2374medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simply Schedule Appointments <= 1.5.7.5 - Authenticated (Admin+) Stored Cross-Site Scripting

Aug 8, 2022 Patched in 1.5.7.7 (533d)
CVE-2022-2373medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Simply Schedule Appointments <= 1.5.7.5 - Unauthenticated Sensitive Information Exposure

Aug 8, 2022 Patched in 1.5.7.7 (533d)
Version History

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Release Timeline

v1.6.10.2Current
v1.6.10.01 CVE
CVE-2026-3658
v1.6.9.293 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1704
v1.6.9.274 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.254 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.234 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.214 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.194 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.174 CVEs
CVE-2026-3045 CVE-2026-3658 CVE-2026-1708 +1 more
v1.6.9.156 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2026-3045 +3 more
v1.6.9.136 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2026-3045 +3 more
v1.6.9.97 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +4 more
v1.6.9.87 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +4 more
v1.6.9.67 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +4 more
v1.6.9.48 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
v1.6.9.28 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
v1.6.9.08 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
v1.6.8.638 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
v1.6.8.618 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
v1.6.8.598 CVEs
CVE-2025-69315 CVE-2025-13754 CVE-2025-12166 +5 more
Code Analysis
Analyzed Mar 16, 2026

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
16
219 prepared
Unescaped Output
195
207 escaped
Nonce Checks
20
Capability Checks
78
File Operations
17
External Requests
16
Bundled Libraries
1

Bundled Libraries

Guzzle

SQL Query Safety

93% prepared235 total queries

Output Escaping

51% escaped402 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
debug_settings (includes\class-debug.php:46)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Attack Surface

Entry Points9
Unprotected0

REST API Routes 1

POST/wp-json/ssa/v1/render-shortcodeincludes\class-divi.php:234

Shortcodes 8

[ssa_booking] includes\class-shortcodes.php:49
[tec_ssa_booking] includes\class-shortcodes.php:50
[mepr_ssa_booking] includes\class-shortcodes.php:51
[ssa_past_appointments] includes\class-shortcodes.php:52
[ssa_upcoming_appointments] includes\class-shortcodes.php:53
[ssa_admin_upcoming_appointments] includes\class-shortcodes.php:54
[ssa_admin] includes\class-shortcodes.php:55
[ssa_confirmation] includes\class-shortcodes.php:56
WordPress Hooks 192
actionwp_footerbooking-app-new\page-appointment-edit.php:37
actionwp_footerbooking-app-new\page-appointment-edit.php:38
actioninitincludes\class-action-scheduler.php:42
actionssa/async/ics_cleanupincludes\class-action-scheduler.php:43
actionssa/async/csv_cleanupincludes\class-action-scheduler.php:44
actionssa/support/send_minimal_support_ticketincludes\class-action-scheduler.php:45
actioninitincludes\class-advanced-scheduling-availability.php:43
filterssa/appointment_type/prepare_item_for_responseincludes\class-advanced-scheduling-availability.php:47
filterssa/get_blocked_periods/blocked_periodsincludes\class-advanced-scheduling-availability.php:54
filterssa/appointment/before_insertincludes\class-appointment-model.php:48
filterssa/appointment/before_updateincludes\class-appointment-model.php:49
filterssa/appointment/before_updateincludes\class-appointment-model.php:50
filterssa/appointment/before_insertincludes\class-appointment-model.php:52
filterssa/appointment/before_updateincludes\class-appointment-model.php:54
actionssa/appointment/after_insertincludes\class-appointment-model.php:56
filterssa/appointment/after_getincludes\class-appointment-model.php:58
filterssa/appointment_type_label/before_insertincludes\class-appointment-type-label-model.php:46
filterssa/appointment_type_label/before_updateincludes\class-appointment-type-label-model.php:47
filterssa/appointment_type_label/before_deleteincludes\class-appointment-type-label-model.php:48
actionssa/appointment_type/after_insertincludes\class-appointment-type-model.php:48
actionssa/appointment_type/after_updateincludes\class-appointment-type-model.php:49
actionssa/appointment_type/after_deleteincludes\class-appointment-type-model.php:50
filterssa/appointment_type/prepare_item_for_responseincludes\class-appointment-type-model.php:51
filterssa/appointment_type/before_updateincludes\class-appointment-type-model.php:53
actionssa/settings/staff/updatedincludes\class-appointment-type-model.php:54
actionssa/settings/resources/updatedincludes\class-appointment-type-model.php:55
actionssa/staff/after_updateincludes\class-appointment-type-model.php:56
actionssa/staff/after_deleteincludes\class-appointment-type-model.php:57
actionssa/resource_group/after_insertincludes\class-appointment-type-model.php:59
actionssa/resource_group/after_updateincludes\class-appointment-type-model.php:60
actionssa/resource_group/after_deleteincludes\class-appointment-type-model.php:61
actionssa/resource/after_insertincludes\class-appointment-type-model.php:63
actionssa/resource/after_updateincludes\class-appointment-type-model.php:64
actionssa/resource/after_deleteincludes\class-appointment-type-model.php:65
actionssa/async/gcal_cleanupincludes\class-appointment-type-model.php:67
filtercron_schedulesincludes\class-async-action-model.php:48
actioninitincludes\class-async-action-model.php:50
actionssa_cron_process_async_actionsincludes\class-async-action-model.php:52
actioninitincludes\class-async-action-model.php:54
actionssa/async_actions/cleanupincludes\class-async-action-model.php:55
actionssa/settings/global/updatedincludes\class-availability-cache-invalidation.php:43
actionssa/settings/blackout_dates/updatedincludes\class-availability-cache-invalidation.php:44
actionssa/settings/advanced_scheduling/updatedincludes\class-availability-cache-invalidation.php:45
actionssa/settings/google_calendar/updatedincludes\class-availability-cache-invalidation.php:46
actionssa/appointment/after_insertincludes\class-availability-cache-invalidation.php:48
actionssa/appointment/after_updateincludes\class-availability-cache-invalidation.php:49
actionssa/appointment_type/after_updateincludes\class-availability-cache-invalidation.php:52
actionssa/appointment_type/after_deleteincludes\class-availability-cache-invalidation.php:53
actionshutdownincludes\class-availability-cache-invalidation.php:55
actionadmin_initincludes\class-availability-default.php:42
filterssa/buffer_period/start_dateincludes\class-availability-functions.php:43
filterssa/buffer_period/end_dateincludes\class-availability-functions.php:44
actioninitincludes\class-beaver-builder.php:45
filterssa/get_blocked_periods/blocked_periodsincludes\class-blackout-dates.php:43
filterssa/availability/troubleshootincludes\class-blackout-dates.php:44
actionadmin_initincludes\class-blackout-dates.php:47
actionssa/blackout_dates/cleanupincludes\class-blackout-dates.php:48
actioninitincludes\class-block-booking.php:42
actioninitincludes\class-block-upcoming-appointments.php:45
filternonce_user_logged_outincludes\class-bootstrap.php:45
actioninitincludes\class-capabilities.php:42
actionadmin_initincludes\class-capabilities.php:43
filteruser_has_capincludes\class-capabilities.php:45
actionmembers_register_cap_groupsincludes\class-capabilities.php:51
actionmembers_register_capsincludes\class-capabilities.php:52
actionrest_api_initincludes\class-customers.php:42
actionwp_dashboard_setupincludes\class-dashboard-upcoming-appointments-widget.php:39
filterrest_authentication_errorsincludes\class-db-model.php:40
actionadmin_initincludes\class-debug.php:42
actioninitincludes\class-debug.php:43
actionssa/settings/developer/updatedincludes\class-developer-settings.php:44
actionssa/settings/developer/updatedincludes\class-developer-settings.php:45
actionssa/settings/developer/updatedincludes\class-developer-settings.php:46
actioninitincludes\class-divi.php:54
actionenqueue_block_editor_assetsincludes\class-divi.php:57
actionwp_enqueue_scriptsincludes\class-divi.php:58
actiondivi_extensions_initincludes\class-divi.php:61
actionrest_api_initincludes\class-divi.php:65
actioninitincludes\class-elementor.php:82
actionelementor/frontend/after_enqueue_stylesincludes\class-elementor.php:118
actionelementor/frontend/after_register_scriptsincludes\class-elementor.php:121
actionelementor/widgets/widgets_registeredincludes\class-elementor.php:129
actionelementor/controls/controls_registeredincludes\class-elementor.php:130
actionelementor/widgets/registerincludes\class-elementor.php:135
actionelementor/controls/registerincludes\class-elementor.php:136
actionssa/appointment/after_insertincludes\class-forms.php:43
actionssa/appointment/after_updateincludes\class-forms.php:44
actionssa_cleanup_pending_formsincludes\class-forms.php:45
actionssa/appointment/after_insertincludes\class-hooks.php:43
actionssa/appointment/after_insertincludes\class-hooks.php:44
actionssa/appointment/after_updateincludes\class-hooks.php:45
actionssa/appointment_meta/after_insertincludes\class-hooks.php:46
actionssa/appointment_meta/after_insertincludes\class-hooks.php:47
actionssa/appointment/after_updateincludes\class-hooks.php:50
actionssa/appointment/after_updateincludes\class-hooks.php:51
actionssa/appointment/after_updateincludes\class-hooks.php:52
actionssa/appointment/after_updateincludes\class-hooks.php:53
actionssa/appointment/after_updateincludes\class-hooks.php:56
actionssa/appointment/after_deleteincludes\class-notifications.php:42
actionssa/appointment/bookedincludes\class-notifications.php:43
actionssa/appointment/rescheduledincludes\class-notifications.php:44
actionssa/appointment/rescheduledincludes\class-notifications.php:45
actionssa/appointment/rescheduledincludes\class-notifications.php:46
actionssa/appointment/bookedincludes\class-notifications.php:47
actionssa/appointment/customer_information_editedincludes\class-notifications.php:48
actionssa/appointment/canceledincludes\class-notifications.php:49
filterssa/appointment/after_insertincludes\class-notifications.php:50
actionssa_fire_appointment_rescheduled_notificationsincludes\class-notifications.php:52
actionssa_fire_appointment_booked_notificationsincludes\class-notifications.php:53
actionssa_fire_appointment_start_date_notificationsincludes\class-notifications.php:54
actionssa_fire_appointment_customer_information_edited_notificationsincludes\class-notifications.php:55
actionssa_fire_appointment_canceled_notificationsincludes\class-notifications.php:56
actionssa/async/send_notificationsincludes\class-notifications.php:57
filterwp_mail_from_nameincludes\class-notifications.php:770
actionssa/appointment/bookedincludes\class-revision-model.php:46
actionssa/appointment/editedincludes\class-revision-model.php:47
actionssa/appointment/rescheduledincludes\class-revision-model.php:48
actionssa/appointment/abandonedincludes\class-revision-model.php:49
actionssa/appointment/canceledincludes\class-revision-model.php:50
actionssa/appointment/pendingincludes\class-revision-model.php:51
actionssa/appointment/no_showincludes\class-revision-model.php:54
actionssa/appointment/no_show_revertedincludes\class-revision-model.php:55
actionssa/appointment/after_insertincludes\class-revision-model.php:58
actionssa/appointment/after_updateincludes\class-revision-model.php:61
actioninitincludes\class-revision-model.php:65
actionssa/revisions/cleanupincludes\class-revision-model.php:66
actionssa/notification/scheduledincludes\class-revision-model.php:69
actionssa/notification/sentincludes\class-revision-model.php:70
actionssa/appointment_type/after_insertincludes\class-revision-model.php:73
actionssa/appointment_type/after_deleteincludes\class-revision-model.php:74
actionssa/appointment_type/after_updateincludes\class-revision-model.php:75
filterssa/get_blocked_periods/blocked_periodsincludes\class-scheduling-max-per-day.php:44
filterssa/get_booked_periods/booked_periodsincludes\class-scheduling-max-per-day.php:45
actionssa/appointment_type/after_insertincludes\class-settings-global.php:44
filterssa_settings_schemaincludes\class-settings.php:387
filterssa_settings_computed_schemaincludes\class-settings.php:388
actioninitincludes\class-shortcodes.php:58
actionwp_enqueue_scriptsincludes\class-shortcodes.php:60
actioninitincludes\class-shortcodes.php:61
actionwp_enqueue_scriptsincludes\class-shortcodes.php:62
actionwp_enqueue_scriptsincludes\class-shortcodes.php:64
actionwp_enqueue_scriptsincludes\class-shortcodes.php:66
actionwp_enqueue_scriptsincludes\class-shortcodes.php:67
actioninitincludes\class-shortcodes.php:69
actioninitincludes\class-shortcodes.php:70
actionquery_varsincludes\class-shortcodes.php:71
filtertemplate_includeincludes\class-shortcodes.php:72
filtertemplate_includeincludes\class-shortcodes.php:73
filtertemplate_includeincludes\class-shortcodes.php:74
filtertemplate_includeincludes\class-shortcodes.php:75
actiontemplate_redirectincludes\class-shortcodes.php:76
actionrest_api_initincludes\class-shortcodes.php:79
filtershow_admin_barincludes\class-shortcodes.php:242
filtershow_admin_barincludes\class-shortcodes.php:296
actionadmin_initincludes\class-support-status.php:42
actionadmin_initincludes\class-support.php:189
actionadmin_initincludes\class-support.php:192
filterssa/templates/get_template_varsincludes\class-templates.php:46
filterssa/templates/get_template_varsincludes\class-templates.php:47
filterssa/templates/get_template_varsincludes\class-templates.php:48
filterssa/templates/get_template_varsincludes\class-templates.php:49
filterssa/templates/get_template_varsincludes\class-templates.php:50
filterssa/templates/get_template_varsincludes\class-templates.php:110
filterlocaleincludes\class-translation.php:50
actionrest_api_initincludes\class-translation.php:51
actionrest_api_initincludes\class-translation.php:52
actioninitincludes\class-upgrade.php:72
actioninitincludes\class-upgrade.php:73
actionssa_upgrade_free_to_paidincludes\class-upgrade.php:74
actionssa_downgrade_paid_to_freeincludes\class-upgrade.php:75
actionrest_api_initincludes\class-users.php:42
filterssa/appointment/before_insertincludes\class-web-meetings.php:42
filterssa/appointment/before_updateincludes\class-web-meetings.php:43
actionadmin_menuincludes\class-wp-admin.php:45
actionadmin_initincludes\class-wp-admin.php:47
actionadmin_initincludes\class-wp-admin.php:48
actionadmin_initincludes\class-wp-admin.php:49
actionadmin_initincludes\class-wp-admin.php:50
actionadmin_initincludes\class-wp-admin.php:51
actionadmin_enqueue_scriptsincludes\class-wp-admin.php:52
actionadmin_body_classincludes\class-wp-admin.php:53
actionadmin_print_scriptsincludes\class-wp-admin.php:55
filterplugin_action_linksincludes\class-wp-admin.php:56
actionrest_api_initincludes\class-wp-admin.php:59
actioninitincludes\divi5\module\SsaBookingModule.php:37
actiondivi_module_library_modules_dependency_treeincludes\divi5\server\Modules.php:17
actioninitsimply-schedule-appointments.php:521
filterscript_loader_tagsimply-schedule-appointments.php:523
actionrest_api_initsimply-schedule-appointments.php:524
actionall_admin_noticessimply-schedule-appointments.php:619
actionadmin_initsimply-schedule-appointments.php:622
actionplugins_loadedsimply-schedule-appointments.php:918

Scheduled Events 1

ssa_cron_process_async_actions
Maintenance & Trust

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested7.0
Last updatedMar 17, 2026
PHP min version7.4
Downloads3.4M

Community Trust

Rating100/100
Number of ratings154
Active installs60K
Alternatives

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Alternatives

Bookings for WooCommerce – Create Booking Calendar, Start Scheduling, Manage Bookings And Appointments

Bookings for WooCommerce – Create Booking Calendar, Start Scheduling, Manage Bookings And Appointments

mwb-bookings-for-woocommerce

A
100

This WordPress Booking Plugin lets you manage full-day bookings, service appointments, Accept/reject bookings, show booking availability & much more.

4K No CVEs
Advanced Appointment Booking & Scheduling

Advanced Appointment Booking & Scheduling

advanced-appointment-booking-scheduling

B
78

Advanced Appointment Booking & Scheduling: Effortlessly manage appointments with a simple, user-friendly scheduling system.

3K 1 unpatched
Easy Appointment Booking & Scheduling System – Webba Booking Calendar

Easy Appointment Booking & Scheduling System – Webba Booking Calendar

webba-booking-lite

A
95

Free Appointment Booking Plugin 📅 Unlimited appointments, booking management, calendar sync, notifications, 5* support = powerful booking system!

3K 7 CVEs
Bookify – Appointment Booking & Scheduling for WordPress

Bookify – Appointment Booking & Scheduling for WordPress

bookify

A
98

🚀 A modern, lightweight appointment booking plugin for WordPress. Let customers book services online, manage schedules easily, and reduce no-shows — n &hellip;

10 1 CVE
Yo Booking – Appointment Booking and Scheduling System

Yo Booking – Appointment Booking and Scheduling System

yo-booking

A
100

Yo Booking is a powerful appointment booking and scheduling system for WordPress.

0 No CVEs
Developer Profile

Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin Developer Profile

NSquared

4 plugins · 85K total installs

83
trust score
Avg Security Score
93/100
Avg Patch Time
66 days
View full developer profile
Detection Fingerprints

How We Detect Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simply-schedule-appointments/build/index.css/wp-content/plugins/simply-schedule-appointments/build/index.js/wp-content/plugins/simply-schedule-appointments/build/common.js/wp-content/plugins/simply-schedule-appointments/build/vendors.js/wp-content/plugins/simply-schedule-appointments/includes/lib/td-health-check/assets/css/health-check.css/wp-content/plugins/simply-schedule-appointments/includes/lib/td-health-check/assets/js/health-check.js/wp-content/plugins/simply-schedule-appointments/assets/css/ssa-admin.css/wp-content/plugins/simply-schedule-appointments/assets/css/ssa-public.css+2 more
Generator Patterns
SSA_Theme_Integration
Script Paths
/wp-content/plugins/simply-schedule-appointments/build/index.js/wp-content/plugins/simply-schedule-appointments/build/common.js/wp-content/plugins/simply-schedule-appointments/build/vendors.js/wp-content/plugins/simply-schedule-appointments/includes/lib/td-health-check/assets/js/health-check.js/wp-content/plugins/simply-schedule-appointments/assets/js/ssa-admin.js/wp-content/plugins/simply-schedule-appointments/assets/js/ssa-public.js
Version Parameters
simply-schedule-appointments/build/index.css?ver=simply-schedule-appointments/build/index.js?ver=simply-schedule-appointments/build/common.js?ver=simply-schedule-appointments/build/vendors.js?ver=simply-schedule-appointments/includes/lib/td-health-check/assets/css/health-check.css?ver=simply-schedule-appointments/includes/lib/td-health-check/assets/js/health-check.js?ver=simply-schedule-appointments/assets/css/ssa-admin.css?ver=simply-schedule-appointments/assets/css/ssa-public.css?ver=simply-schedule-appointments/assets/js/ssa-admin.js?ver=simply-schedule-appointments/assets/js/ssa-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
ssa-adminssa-publicssa-booking-formssa-calendarssa-appointment-detailsssa-availability-editorssa-settings-pagessa-notifications-list+2 more
HTML Comments
Built using generator-plugin-wp (https://github.com/WebDevStudios/generator-plugin-wp)Copyright (c) 2017 N Squared (email : support@simplyscheduleappointments.com)This program is free software; you can redistribute it and/or modifyThis program is distributed in the hope that it will be useful,+11 more
Data Attributes
data-ssa-booking-formdata-ssa-calendardata-ssa-appointment-iddata-ssa-settings-fielddata-ssa-notification-iddata-ssa-customer-id+1 more
JS Globals
SSASSA_AdminSSA_PublicSSA_SettingsSSA_CalendarSSA_BookingForm+1 more
REST Endpoints
/wp-json/ssa/v1/appointments/wp-json/ssa/v1/appointment-types/wp-json/ssa/v1/settings/wp-json/ssa/v1/customers/wp-json/ssa/v1/notifications
Shortcode Output
[ssa_booking_form][ssa_calendar][ssa_appointment_list]
FAQ

Frequently Asked Questions about Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin