CVE-2026-7493 | croixhaug Appointment Booking Calendar Plugin up to 1.6.11.5 on WordPress REST API Endpoint /wp-json/ssa/v1/async sleep resource consumption

A vulnerability classified as problematic has been found in croixhaug Appointment Booking Calendar Plugin up to 1.6.11.5 on WordPress. The affected element is the function sleep of the file /wp-json/ssa/v1/async of the component REST API Endpoint. This manipulation causes resource consumption.

This vulnerability appears as CVE-2026-7493. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More