Hi all,
Just an update about this plugin. This plugin has been removed from CodeCanyon and is no longer supported. This last version on CodeCanyon also has a major exploit in it.
Envato Market email:
Important: Vulnerability Notice
We wanted to make you aware about multiple serious vulnerabilities in versions 2.4.3 and below of the Booked – Appointment Booking for WordPress plugin, which you purchased on CodeCanyon.
The future of the Booked plugin
Booked has now been disabled on our marketplace, and another trusted Power Elite author with a 5-star rating, Themovation, has worked with a security vendor to do a one-off update to address the vulnerabilities.
The patched version (2.4.4) of the Booked plugin can be downloaded free of charge for the next 28 days:
Click this link to start your download → (I attached it to this post)
Please note: this is not intended as a long term solution, and there will be no further updates or support provided for installing or using this temporary version.
Alternatively, QuickCal (also by Themovation) is a new equivalent plugin that will receive ongoing support, maintenance and improvements, and is available for purchase on CodeCanyon.
What to do now
In order to secure your website from these identified vulnerabilities, we recommend you stop using the Booked plugin immediately.
You need to find a permanent replacement for this plugin, such as QuickCal or another solution. In the meantime, you can temporarily use the patched version linked above. Importantly, this must be installed manually—do not attempt to update Booked via the WordPress back end or the Envato Market plugin. We recommend making a back up of your site before doing this, and confirming the update was successful by going to the Plugins screen and making sure the version number is 2.4.4.
If you have used this plugin in projects for clients, please help them to secure their sites as well.
Just an update about this plugin. This plugin has been removed from CodeCanyon and is no longer supported. This last version on CodeCanyon also has a major exploit in it.
Envato Market email:
Important: Vulnerability Notice
We wanted to make you aware about multiple serious vulnerabilities in versions 2.4.3 and below of the Booked – Appointment Booking for WordPress plugin, which you purchased on CodeCanyon.
The future of the Booked plugin
Booked has now been disabled on our marketplace, and another trusted Power Elite author with a 5-star rating, Themovation, has worked with a security vendor to do a one-off update to address the vulnerabilities.
The patched version (2.4.4) of the Booked plugin can be downloaded free of charge for the next 28 days:
Click this link to start your download → (I attached it to this post)
Please note: this is not intended as a long term solution, and there will be no further updates or support provided for installing or using this temporary version.
Alternatively, QuickCal (also by Themovation) is a new equivalent plugin that will receive ongoing support, maintenance and improvements, and is available for purchase on CodeCanyon.
What to do now
In order to secure your website from these identified vulnerabilities, we recommend you stop using the Booked plugin immediately.
You need to find a permanent replacement for this plugin, such as QuickCal or another solution. In the meantime, you can temporarily use the patched version linked above. Importantly, this must be installed manually—do not attempt to update Booked via the WordPress back end or the Envato Market plugin. We recommend making a back up of your site before doing this, and confirming the update was successful by going to the Plugins screen and making sure the version number is 2.4.4.
If you have used this plugin in projects for clients, please help them to secure their sites as well.
