Skip to main content

Doctor Appointment Booking CVE-2025-27263

HIGH
SQL Injection (CWE-89)
2025-03-03 audit@patchstack.com
8.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

4
Analysis Updated
Apr 25, 2026 - 00:55 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Apr 23, 2026 - 15:42 vuln.today
cvss_changed
Analysis Generated
Mar 28, 2026 - 18:29 vuln.today
CVE Published
Mar 03, 2025 - 14:15 nvd
HIGH 8.5

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Doctor Appointment Booking allows SQL Injection. This issue affects Doctor Appointment Booking: from n/a through 1.0.0.

AnalysisAI

SQL injection in Doctor Appointment Booking WordPress plugin versions up to 1.0.0 allows authenticated attackers with low-level privileges to extract sensitive database information and potentially cause availability disruption. The vulnerability enables scope change, meaning attackers can access resources beyond their authorized privilege level to read high-sensitivity data. With EPSS probability at 0.12% (31st percentile) and no evidence of active exploitation or public exploit code, this represents a moderate real-world risk primarily for sites where low-privileged user accounts (subscriber/contributor roles) exist.

Technical ContextAI

This is a classic SQL injection vulnerability (CWE-89) in a WordPress plugin designed for medical appointment scheduling. The flaw occurs when user-supplied input is incorporated into SQL queries without proper sanitization or parameterized query usage. WordPress plugins written in PHP commonly interact with MySQL/MariaDB databases, and this vulnerability likely exists in patient/doctor booking functions, search features, or calendar views where authenticated users can supply input parameters. The scope change (S:C) in the CVSS vector indicates the vulnerable component can affect resources beyond its security scope, suggesting the SQL injection may bypass WordPress's user privilege separation and access the entire database rather than just plugin-specific tables.

Affected ProductsAI

The vulnerability affects the Doctor Appointment Booking plugin for WordPress, specifically version 1.0.0 and all prior versions. This appears to be developed by NotFound (vendor identification from NVD data). The plugin is distributed through the WordPress plugin repository and is designed for medical practices, clinics, and healthcare providers to manage patient appointment scheduling. Detailed vulnerability information and vendor response status is available through Patchstack's vulnerability database at https://patchstack.com/database/wordpress/plugin/doctor-appointment-booking/vulnerability/wordpress-doctor-appointment-booking-plugin-1-0-0-sql-injection-vulnerability.

RemediationAI

WordPress site administrators should immediately check their plugin version and assess whether a patched release beyond version 1.0.0 is available from the WordPress plugin repository or the plugin developer. As of this analysis, Patchstack has disclosed the vulnerability but patch availability is not confirmed in the provided data sources. If no update exists, implement compensating controls: restrict new user registration to prevent creation of low-privilege accounts that could exploit this flaw, audit existing subscriber and contributor accounts for legitimacy, enable WordPress database activity monitoring to detect SQL injection attempts in plugin queries, and consider temporarily deactivating the plugin if appointment booking can be handled through alternative means. Review WordPress user roles to ensure the principle of least privilege - limit low-privilege account creation unless operationally necessary. Database-level protections such as read-only replicas for reporting queries and separate database users with limited permissions can reduce confidentiality impact. Monitor the Patchstack advisory and WordPress plugin repository for official patch release announcements.

Share

CVE-2025-27263 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy