Critical Unauthenticated SQL Injection Vulnerability in JetBooking Plugin
A critical SQL injection vulnerability (CVE-2026-54820) has been discovered in the JetBooking plugin, affecting versions up to 4.0.4.1. This unauthenticated vulnerability has a CVSS score of 9.3, indicating a high severity threat. Successful exploitation could lead to unauthorized access to sensitive data. Immediate patching to version 4.0.4.2 or later is strongly recommended.