Cross Site Request Forgery Vulnerability in Booked Plugin by WordPress
CVE-2026-57747
6.5MEDIUM
What is CVE-2026-57747?
The Booked plugin for WordPress is susceptible to an unauthenticated Cross Site Request Forgery (CSRF) vulnerability in versions up to 3.0.0. This allows attackers to perform unauthorized actions on behalf of a user without their consent. Users of affected versions should implement security measures to mitigate potential exploitation and ensure their applications remain secure.
Affected Version(s)
Booked <= 3.0.0