CVE-2026-2230 | Booking Calendar Plugin up to 10.14.14 on WordPress Setting handle_ajax_save resource injection

Full Article URL: https://vuldb.com/?id.346443
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzExBgCQRAj3_2026-02-18">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzExBgCQRAj3_2026-02-18
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-18 07:07:38
Last retrieval: 2026-02-18 08:46:17.252051

07:07 - 18 Feb 2026

vuldb.com

A vulnerability described as problematic has been identified in Booking Calendar Plugin up to 10.14.14 on WordPress. This affects the function handle_ajax_save of the component Setting Handler. Such manipulation leads to improper control of resource identifiers. This vulnerability is uniquely identified as CVE-2026-2230. The attack can be launched remotely. No exploit exists.

https://vuldb.com/?id.346443

Article info: