CVE-2026-22341
Authentication Bypass in Booked Plugin Allows Unauthorized Access
Publication date: 2026-02-20
Last updated on: 2026-04-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| case-themes | booked | to 3.0.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-22341 is a medium severity Broken Authentication vulnerability in the WordPress Booked Plugin versions up to and including 3.0.0.
It allows a malicious actor to bypass authentication by using an alternate path or channel, enabling them to perform actions normally restricted to higher privileged users.
This can potentially allow the attacker to gain administrative access to the affected website.
The vulnerability falls under the OWASP Top 10 category A7: Identification and Authentication Failures.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to gain unauthorized administrative access to your WordPress site using the Booked Plugin.
With administrative privileges, the attacker could manipulate site content, steal sensitive information, or disrupt site operations.
Since the exploit requires a custom developer role privilege, sites using such roles are particularly at risk.
No official patch is currently available, so immediate application of mitigation rules is advised to prevent exploitation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There is no specific information provided about commands or methods to detect this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, users are advised to apply Patchstackβs mitigation rule which blocks exploitation attempts until an official patch is released.
Since no official patch is currently available, applying this mitigation rule is the safest way to protect your site from potential attacks exploiting this authentication bypass vulnerability.