CVE-2026-9188 | wappointment Appointment Bookings for Zoom GoogleMeet and more Plugin REST Endpoint tryCancel authorization

SecurityVulns

A vulnerability categorized as critical has been discovered in wappointment Appointment Bookings for Zoom GoogleMeet and more Plugin up to 2.7.6 on WordPress. The affected element is the function tryCancel of the component REST Endpoint. The manipulation of the argument appointmentkey results in authorization bypass.

This vulnerability is known as CVE-2026-9188. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More