Access Control Vulnerability in WpBookingly by Magepeople Inc.
CVE-2026-27405
6.5MEDIUM
What is CVE-2026-27405?
WpBookingly by Magepeople Inc. is susceptible to a missing authorization vulnerability. This flaw arises from incorrectly configured access control security levels, potentially allowing unauthorized users to exploit the system. Affected versions, including 1.2.9, may grant access to sensitive features without proper user verification, posing a serious risk to security. Users are advised to review their configurations and apply security patches promptly to mitigate this risk.
Affected Version(s)
WpBookingly <= 1.2.9