CVE-2026-15282 - Instant Appointment <= 1.2 - Unauthenticated Arbitrary File Upload
CVE ID :CVE-2026-15282 Published : July 10, 2026, 5:16 a.m. | 1 hour, 16 minutes ago Description :The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'insapp_upload_image_as_attachment' function in all versions up to,...