🔐 CVE Alert

CVE-2025-39541

UNKNOWN 0.0

WordPress WP Simple Booking Calendar plugin <= 2.0.13 - Broken Access Control vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Missing Authorization vulnerability in Roland Murg WP Simple Booking Calendar wp-simple-booking-calendar.This issue affects WP Simple Booking Calendar: from n/a through <= 2.0.13.

CWE CWE-862
Vendor roland murg
Product wp simple booking calendar
Published Sep 9, 2025
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for roland murg wp simple booking calendar

Be the first to know when new unknown vulnerabilities affecting roland murg wp simple booking calendar are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Roland Murg / WP Simple Booking Calendar
0 ≤ 2.0.13

References

NVD ↗ CVE.org ↗ EPSS Data ↗
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/wp-simple-booking-calendar/vulnerability/wordpress-wp-simple-booking-calendar-plugin-2-0-13-broken-access-control-vulnerability?_s_id=cve

Credits

Trương Hữu Phúc (truonghuuphuc) | Patchstack Bug Bounty Program