Title: Security Issue Last modified: June 23, 2025 --- # Security Issue * [Kevin Pfeifer](https://wordpress.org/support/users/beardcat/) * (@beardcat) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/) * See [https://patchstack.com/database/wordpress/plugin/booking-system/vulnerability/wordpress-pinpoint-booking-system-plugin-2-9-9-5-2-broken-access-control-vulnerability](https://patchstack.com/database/wordpress/plugin/booking-system/vulnerability/wordpress-pinpoint-booking-system-plugin-2-9-9-5-2-broken-access-control-vulnerability?_a_id=350) Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [Marius](https://wordpress.org/support/users/mariuscristian/) * (@mariuscristian) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18525387) * Hi, * Can you duplicate the issue? * Thank you * Thread Starter [Kevin Pfeifer](https://wordpress.org/support/users/beardcat/) * (@beardcat) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18525524) * I have not looked into the CVE in detail since you as the plugin author should have gotten more details on what the exact problem is. * I only post this, since my monitoring tool marks my websites as having a security issue due to this CVE. * Plugin Author [Marius](https://wordpress.org/support/users/mariuscristian/) * (@mariuscristian) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18525652) * There are no specific details provided, but I can assure you that we are **not aware of any scenario** in which one user can access another user’s data. * We take data privacy and security very seriously. If you have any additional information or concerns, please feel free to share them so we can investigate further. * [Darius Sveikauskas (Patchstack)](https://wordpress.org/support/users/darius_fx/) * (@darius_fx) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18528050) * [@mariuscristian](https://wordpress.org/support/users/mariuscristian/) here’s a copy of reply to the email I’ve sent to the vendor: * > Support Pinpoint.world support{}pinpoint{}world > Aug 4, 2024, 8:59 PMto me > Hi Darius, > Thanks for letting us know. > Best regards, > OvidiuPINPOINT.WORLD Support Team * And we had long conversation about this and another vulnerability. So I’m not sure how you can be unaware. * Plugin Author [Marius](https://wordpress.org/support/users/mariuscristian/) * (@mariuscristian) * [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18528887) * Hi Darius, * We’ve had several conversations about other issues that appeared to be related to this one, and those have already been resolved. Probably I’m missing something. I’ll review the previous exchanges again to make sure nothing was missed. * Regards, Marius Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Security Issue’ is closed to new replies. * ![](https://ps.w.org/booking-system/assets/icon-256x256.png?rev=2192807) * [Pinpoint Booking System - Version 2](https://wordpress.org/plugins/booking-system/) * [Frequently Asked Questions](https://wordpress.org/plugins/booking-system/#faq) * [Support Threads](https://wordpress.org/support/plugin/booking-system/) * [Active Topics](https://wordpress.org/support/plugin/booking-system/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/booking-system/unresolved/) * [Reviews](https://wordpress.org/support/plugin/booking-system/reviews/) * 6 replies * 4 participants * Last reply from: [Marius](https://wordpress.org/support/users/mariuscristian/) * Last activity: [12 months ago](https://wordpress.org/support/topic/security-issue-182/#post-18528887) * Status: not a support question