Wpbookingly

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-32384 HIGH This Week

WpBookingly plugin versions 1.2.9 and earlier contain a local file inclusion vulnerability in their service-booking-manager component that allows authenticated attackers to read arbitrary files from the affected server. An attacker with valid credentials can exploit improper filename validation in PHP include/require statements to access sensitive information on the system. No patch is currently available for this vulnerability.

Information Disclosure Lfi PHP Wpbookingly

NVD VulDB

CVSS 3.1

7.5

EPSS

0.1%

CVE-2026-32384

EPSS 0% CVSS 7.5

HIGH This Week

WpBookingly plugin versions 1.2.9 and earlier contain a local file inclusion vulnerability in their service-booking-manager component that allows authenticated attackers to read arbitrary files from the affected server. An attacker with valid credentials can exploit improper filename validation in PHP include/require statements to access sensitive information on the system. No patch is currently available for this vulnerability.

Information Disclosure Lfi PHP +1

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy