CVE Catalog

CVE-2026-57660

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

The Booking and Rental Manager plugin version 2.7.1 and earlier contains a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to booking and rental management functions.

Risk Assessment

The risk involves potential unauthorized reading, modification, or deletion of booking data by unauthenticated users. This could lead to a breach of confidentiality and integrity of business data.

Recommendation

Immediately update the Booking and Rental Manager plugin to the latest available version. If an update is not possible, consider temporarily disabling the plugin until a patch is released.

Original NVD description (English source)

Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS