Access Control Issues in Booked Plugin by WordPress
CVE-2026-57746
7.1HIGH
What is CVE-2026-57746?
The Booked plugin for WordPress has been found to have a broken access control vulnerability in versions up to 3.0.0. This flaw allows unauthorized users to potentially access sensitive functionalities and data that should be restricted to privileged accounts. Site administrators and users are urged to review their configurations and apply necessary updates to mitigate any associated risks.
Affected Version(s)
Booked <= 3.0.0