Missing Authorization Vulnerability in BA Book Everything Plugin by BookingAlgorithms

CVE-2026-24371

What is CVE-2026-24371?

The BA Book Everything plugin by BookingAlgorithms contains a critical vulnerability stemming from improper access control configurations, allowing unauthorized users to gain access to restricted functionalities. This vulnerability affects versions up to 1.8.16 and could result in potential data exposure or manipulation. Users are encouraged to upgrade to the latest version and implement appropriate security measures to safeguard their bookings and personal information.

References