Authorization Flaw in Webba Appointment Booking by Webba
CVE-2025-66530
4.3MEDIUM
What is CVE-2025-66530?
The Webba Appointment Booking system suffers from a missing authorization flaw that allows unauthorized users to exploit improperly configured access control levels. This vulnerability permits sensitive operations without proper validation, potentially leading to data leaks or unintentional alterations. Specifically, versions up to 6.2.1 of the Webba Booking plugin are affected, necessitating immediate updates to secure the application and protect user data.
Affected Version(s)
Webba Booking 0 <= 6.2.1