This issue affects Webba Booking: from n/a through 6.4.13.
Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress Webba Booking Plugin to the latest available version (at least 6.4.14).
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 01 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing Authorization vulnerability in Webba Plugins Webba Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Webba Booking: from n/a through 6.4.13. | |
| Title | WordPress Webba Booking plugin <= 6.4.13 - Broken Access Control vulnerability | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-01T17:34:50.305Z
Reserved: 2026-02-19T09:52:22.262Z
Link: CVE-2026-27409
Updated: 2026-07-01T17:34:47.503Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-01T18:15:15Z