CVE-2023-4691 Information

Description

The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement leading to a SQL injection exploitable by high privilege users such as admin

Reference

https://wpscan.com/vulnerability/5085ec75-0795-4004-955d-e71b3d2c26c6