CVE-2025-26593 is a CSRF vulnerability affecting FasterThemes FastBook (fastbook-responsive-appointment-booking-and-scheduling-system) versions up to 1.1. The vulnerability allows unauthorized commands to be transmitted from a user that the web application trusts, potentially leading to unintended actions within the system. The CVSS 3.1 base score is 4.3, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and no confidentiality or integrity impact but low availability impact.

The vulnerability may allow attackers to trick authenticated users into submitting unwanted requests to the FastBook system, potentially causing disruption or denial of service (availability impact). There is no impact on confidentiality or integrity reported. No known exploits have been observed in the wild.

No official patch or remediation information is currently available. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is released, users should consider implementing CSRF protections such as anti-CSRF tokens or other application-level mitigations if possible.