CVE-2026-6449 | ameliabooking Booking for Appointments and Events Calendar Plugin Request improper authorization

Inserito da Angelo Barbosa | Mag 2, 2026 | CVE

A vulnerability classified as critical has been found in ameliabooking Booking for Appointments and Events Calendar Plugin up to 2.1.2 on WordPress. Affected is an unknown function of the component Request Handler. The manipulation leads to improper authorization.

This vulnerability is documented as CVE-2026-6449. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-6449 | ameliabooking Booking for Appointments and Events Calendar Plugin Request improper authorization

Post correlati

CVE-2024-26144 | Ruby on Rails up to 6.1.7.6/7.0.8.0 Active Storage information disclosure (GHSA-8h22-8cf7-hq6g)

CVE-2024-31932 | CreativeThemes Blocksy Companion Plugin up to 2.0.28 on WordPress cross-site request forgery

CVE-2024-5696 | Mozilla Firefox up to 126 input Tag denial of service

CVE-2024-4564 | CoDesigner WooCommerce Builder for Elementor Plugin cross site scripting