PT-2026-23262 · WordPress · Wedesigntech Ultimate Booking Addon
Phat Rio
·
Published
2026-03-05
·
Updated
2026-03-12
·
CVE-2026-27389
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WeDesignTech Ultimate Booking Addon versions through 1.0.1
Description
An authentication bypass issue exists in the WeDesignTech Ultimate Booking Addon, allowing authentication abuse through an alternate path or channel. The issue allows bypassing normal authentication mechanisms.
Recommendations
Update WeDesignTech Ultimate Booking Addon to a version later than 1.0.1.
Fix
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wedesigntech Ultimate Booking Addon