cleantalk
Vulnerabilities and Security Researches

Online Service Booking System & Reservation Plugin – WpBookingly, CVE-2026-32384

CVE, Research URL

CVE-2026-32384

Home page URL

Security reports for Online Service Booking System & Reservation Plugin – WpBookingly

Application

Online Service Booking System & Reservation Plugin – WpBookingly

Published on
Mar 14, 2026
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclusion.This issue affects WpBookingly: from n/a through <= 1.2.9.
Affected versions
max 1.2.9.
Status
vulnerable
Previous vulnerability researches
Additional Custom Product Tabs for WooCommerce (CVE-2025-58985) , Sep 10, 2025
Additional Custom Product Tabs for WooCommerce (CVE-2025-26749) , Apr 15, 2025
Custom Product Tabs For WooCommerce (CVE-2024-12721) , Dec 22, 2024
New vulnerability
Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2026-25430) , Mar 29, 2026
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors (CVE-2026-25309) , Mar 29, 2026
Widget Wrangler (CVE-2026-25447) , Mar 29, 2026
Astra Bulk Edit (CVE-2026-32431) , Mar 29, 2026
JS Help Desk &#8211; Best Help Desk &amp; Support Plugin (CVE-2026-32535) , Mar 29, 2026