Timetics – Appointment Booking Calendar & Scheduling System WordPress Plugin Security Vulnerabilities | WPScan

10

May 24, 2026

2000

Published

2026-04-07

Title

Timetics – Appointment Booking & Scheduling < 1.0.54 - Missing Authorization

Fixed in

Fixed in 1.0.54

CVSS

5.3 (medium)

Published

2026-02-19

Title

Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update

Fixed in

Fixed in 1.0.52

CVSS

4.3 (medium)

Published

2026-01-05

Title

Appointment Booking and Scheduling Calendar Plugin – WP Timetics < 1.0.37 - Missing Authorization to Unauthenticated Booking Details View And Modification

Fixed in

Fixed in 1.0.37

CVSS

6.5 (medium)

Published

2026-01-05

Title

Timetics < 1.0.48 - Incorrect Authorization to Authenticated (Timetics Customer+) User Creation

Fixed in

Fixed in 1.0.48

CVSS

5.3 (medium)

Published

2025-11-22

Title

Timetics < 1.0.45 - Missing Authorization

Fixed in

Fixed in 1.0.45

CVSS

5.3 (medium)

Published

2025-03-27

Title

Timetics < 1.0.30 - Missing Authorization

Fixed in

Fixed in 1.0.30

CVSS

5.3 (medium)

Published

2024-12-12

Title

WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin < 1.0.28 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion

Fixed in

Fixed in 1.0.28

CVSS

4.3 (medium)

Published

2024-10-16

Title

WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin < 1.0.26 - Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover

Fixed in

Fixed in 1.0.26

CVSS

9.8 (critical)

Published

2024-08-26

Title

Timetics < 1.0.24 - Authorization Bypass

Fixed in

Fixed in 1.0.24

CVSS

5.3 (medium)

Published

2024-06-13

Title

Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling Plugin < 1.0.22 - Missing Authorization to Limited Privilege Escalation

Fixed in

Fixed in 1.0.22

CVSS

7.3 (high)