CVE-2026-7448

LatePoint <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting via 'first_name' Parameter

Description

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

INFO

Published Date :

2026-05-06T06:47:21.950Z

Last Modified :

2026-05-08T12:25:55.615Z

Source :

Wordfence

AFFECTED PRODUCTS

The following products are affected by CVE-2026-7448 vulnerability.

Vendors	Products
Latepoint	Latepoint – Calendar Booking Plugin For Appointments And Events
Wordpress	Wordpress

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-7448.

URL	Resource
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.3.2/lib/controllers/activities_controller.php#L270
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.3.2/lib/helpers/email_helper.php#L50
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.3.2/lib/helpers/replacer_helper.php#L276
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.3.2/lib/models/customer_model.php#L376
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.5.0/lib/controllers/activities_controller.php#L270
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.5.0/lib/helpers/email_helper.php#L50
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.5.0/lib/helpers/replacer_helper.php#L276
https://plugins.trac.wordpress.org/browser/latepoint/tags/5.5.0/lib/models/customer_model.php#L376
https://plugins.trac.wordpress.org/browser/latepoint/trunk/lib/controllers/activities_controller.php#L270
https://plugins.trac.wordpress.org/browser/latepoint/trunk/lib/helpers/email_helper.php#L50
https://plugins.trac.wordpress.org/browser/latepoint/trunk/lib/helpers/replacer_helper.php#L276
https://plugins.trac.wordpress.org/browser/latepoint/trunk/lib/models/customer_model.php#L376
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3522933%40latepoint%2Ftrunk&old=3516282%40latepoint%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/c8eedec9-d8d4-4052-baec-29f83ac306ac?source=cve

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact