Primary

Context

WeDesignTech Ultimate Booking Addon Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the WeDesignTech Ultimate Booking Addon for WordPress, affecting versions through 1.0.1. This vulnerability allows unauthorized users to bypass authentication mechanisms, potentially leading to actions that should only be available to users with higher privileges, such as gaining administrative access to the website.

Impact

Exploitation of this vulnerability could allow an attacker to bypass authentication and gain administrative privileges on the affected WordPress site.

Remediation

Users are advised to update to the latest version of the WeDesignTech Ultimate Booking Addon. For those using Patchstack, a mitigation rule is available to block attacks until an official patch can be safely applied.

Added: Mar 5, 2026, 7:09 AM

Updated: Mar 5, 2026, 7:09 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WeDesignTech Ultimate Booking Addon Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating