Primary

Context

WeDesignTech Ultimate Booking Addon Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the WeDesignTech Ultimate Booking Addon for WordPress, specifically in versions through 1.0.1. This vulnerability allows for authentication abuse, potentially enabling unauthorized users to perform actions reserved for higher-privileged users, such as gaining admin access to the website.

Impact

Exploitation of this vulnerability could lead to unauthorized access and actions on behalf of a user with higher privileges, including administrative rights.

Remediation

Users are advised to mitigate this vulnerability immediately. Patchstack has issued a mitigation rule to block attacks until an official patch is available. For more information on how to apply this mitigation, visit the Patchstack website.

Added: Mar 5, 2026, 7:09 AM

Updated: Mar 5, 2026, 7:09 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WeDesignTech Ultimate Booking Addon Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating