The Appointment & Event Booking Calendar Plugin for WordPress has a security issue that could let an unauthenticated attacker trick a site administrator into doing something they didn’t intend to do. This vulnerability is present in all versions up to, and including, 4.5.33. It is caused by a missing or incorrect nonce validation in an unknown function. The exact impact of this vulnerability is not known.