cleantalk
Vulnerabilities and Security Researches

Online Service Booking System & Reservation Plugin – WpBookingly, CVE-2026-27405

CVE, Research URL

CVE-2026-27405

Home page URL

Security reports for Online Service Booking System & Reservation Plugin – WpBookingly

Application

Online Service Booking System & Reservation Plugin – WpBookingly

Published on
May 20, 2026
Research Description
Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9.
Affected versions
max 1.3.0.
Status
vulnerable
Previous vulnerability researches
Sticky Social Link (CVE-2024-34546) , Jun 10, 2024
Buooy Sticky Header (CVE-2024-51699) , Nov 08, 2024
Sticky Action Buttons (CVE-2025-14465) , Jan 10, 2026
Sticky (CVE-2026-6397) , May 22, 2026
WP Sticky Side Buttons (CVE-2025-39421) , Apr 19, 2025
New vulnerability
Email Marketing, Newsletter, Email Automation and CRM Plugin for WordPress by FluentCRM (CVE-2026-7798) , May 23, 2026
WP Directory Kit (CVE-2026-42672) , May 23, 2026
診断ジェネレータ作成プラグイン (CVE-2026-5293) , May 23, 2026
MyCryptoCheckout – Bitcoin, Ethereum, and 100+ altcoins for WooCommerce (CVE-2026-45209) , May 23, 2026
SponsorMe (CVE-2026-8626) , May 23, 2026