CVE-2023-24388

Name of the Vulnerable Software and Affected Versions WpDevArt Booking calendar, Appointment Booking System plugin versions <= 3.2.3

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability that affects plugin forms actions, including create, duplicate, edit, and delete.

Recommendations For WpDevArt Booking calendar, Appointment Booking System plugin versions <= 3.2.3, update to a version higher than 3.2.3 to resolve the issue. As a temporary workaround, consider restricting access to the plugin forms actions to minimize the risk of exploitation.