A vulnerability labeled as critical has been found in melograno Booking for Appointments and Events Calendar Amelia Plugin up to 2.4.3 on WordPress. This affects an unknown function of the component Customer Import. The manipulation results in sql injection.

This vulnerability is reported as CVE-2026-14782. The attack can be launched remotely. No exploit exists.