cleantalk
Vulnerabilities and Security Researches

WordPress Online Booking and Scheduling Plugin – Bookly, CVE-2023-4691

CVE, Research URL

CVE-2023-4691

Home page URL

Security reports for WordPress Online Booking and Scheduling Plugin – Bookly

Application

WordPress Online Booking and Scheduling Plugin – Bookly

Published on
Oct 17, 2023
Research Description
The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Affected versions
max 22.4.
Status
vulnerable
Previous vulnerability researches
WordPress Online Booking and Scheduling Plugin – Bookly (CVE-2026-42667) , May 22, 2026
WordPress Online Booking and Scheduling Plugin – Bookly (CVE-2023-5209) , Jun 06, 2024
WordPress Online Booking and Scheduling Plugin – Bookly (CVE-2021-24930) , Jun 06, 2024
WordPress Online Booking and Scheduling Plugin – Bookly (CVE-2023-26526) , Jun 06, 2024
WordPress Online Booking and Scheduling Plugin – Bookly (CVE-2023-1159) , Jun 06, 2024
New vulnerability
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-15369) , May 22, 2026
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2026-42676) , May 22, 2026
Stripe Payment Plugin for WooCommerce (CVE-2026-45217) , May 22, 2026
YITH WooCommerce Product Add-Ons (CVE-2026-42383) , May 22, 2026
Quick Table (CVE-2026-6237) , May 22, 2026