Schedula Appointment Booking System: Unauthorized Access to Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Schedula Appointment Booking System: Unauthorized Access to Sensitive Data

CVE-2025-67970

Summary

A security flaw in Schedula's appointment booking system allows hackers to access sensitive data even if they shouldn't have permission. This means that someone with the wrong level of access could see or change information they shouldn't be able to. Update to a secure version of Schedula to fix this issue.

Original title

Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n...

Original description

nvd CVSS3.1 5.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/schedula-smart-appointment-book...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026