cleantalk
Vulnerabilities and Security Researches

WP Booking Calendar, CVE-2026-32358

CVE, Research URL

CVE-2026-32358

Home page URL

Security reports for WP Booking Calendar

Application

WP Booking Calendar

Published on
Mar 14, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection.This issue affects Booking Calendar: from n/a through <= 10.14.15.
Affected versions
max 10.14.15.
Status
vulnerable
Previous vulnerability researches
Podlove Podcast Publisher (CVE-2024-52393) , Nov 14, 2024
Podlove Podcast Publisher (CVE-2021-24666) , Jun 07, 2024
Podlove Podcast Publisher (CVE-2016-10941) , Jun 07, 2024
Podlove Podcast Publisher (CVE-2016-10942) , Jun 07, 2024
Podlove Podcast Publisher (CVE-2023-25472) , Jun 07, 2024
New vulnerability
SMTP Mailer (CVE-2026-32538) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25362) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25363) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2025-15524) , Mar 29, 2026
Photo Gallery by 10Web &#8211; Mobile-Friendly Image Gallery (CVE-2026-27360) , Mar 29, 2026