codepeople CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH codepeople CVE published 2026-06-15

CVE-2026-48882

A high-severity vulnerability, CVE-2026-48882, was discovered in the WP Time Slots Booking Form plugin, affecting versions up to and including 1.2.50. This vulnerability allows subscribers to inject SQL, potentially leading to unauthorized data access or manipulation. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 8.5, indicating a high level of severity. The vulnerability [truncated]

HIGH codepeople CVE published 2026-06-15

CVE-2026-40791

CVE-2026-40791 is a HIGH severity Unauthenticated Cross Site Scripting (XSS) vulnerability in WP Time Slots Booking Form versions <= 1.2.46. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-40791).