cleantalk
Vulnerabilities and Security Researches

Online Service Booking System & Reservation Plugin – WpBookingly, CVE-2026-25444

CVE, Research URL

CVE-2026-25444

Home page URL

Security reports for Online Service Booking System & Reservation Plugin – WpBookingly

Application

Online Service Booking System & Reservation Plugin – WpBookingly

Published on
May 27, 2026
Research Description
Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9.
Affected versions
max 1.3.0.
Status
vulnerable
Previous vulnerability researches
Splash Popup for WooCommerce (978edf968cc1bb14ad6e4fc2a47804615027039d) , Jun 07, 2024
New vulnerability
Style Kits – Advanced Theme Styles for Elementor (CVE-2026-6565) , May 28, 2026
EventPrime – Events Calendar, Bookings and Tickets (CVE-2026-42686) , May 28, 2026
E2Pdf – Export To Pdf Tool for WordPress (CVE-2026-42681) , May 28, 2026
Online Service Booking System & Reservation Plugin – WpBookingly (CVE-2026-25444) , May 28, 2026
Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads (CVE-2026-42732) , May 28, 2026