CVE-2026-27390

NONE EPSS 0.03%

Mar 05, 2026

Updated Mar 05, 2026

Authentication

Parameter	Value
Type	CWE-288 (Authentication Bypass Using Alternate Path)
Vendor	Authentication
Public PoC	No

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.

Weakness Type (CWE)

CWE-288 Authentication Bypass Using Alternate Path

References 1

https://patchstack.com/database/Wordpress/Plugin/wedesigntech-ultimate-booking-…

audit@patchstack.com

Share Post Share Share Share

CVE Details

CVE ID

CVE-2026-27390

Published Date

Mar 05, 2026

Vendor

Authentication

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 0.03%

Likelihood of exploitation in next 30 days

Percentile: 6.8th percentile (higher than 6.8% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2026-27390

Weakness Type (CWE)

References 1

CVE Details

Editor's Choice

Menu

CVE-2026-27390

Weakness Type (CWE)

References 1

CVE Details

Editor's Choice

Stay informed on cybersecurity