CVE-2026-22336

• WordPress/Bookingllm-fuzzy

  Range: <=3.0.2

  Package: https://wordpress.org/plugins/booking

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• patchstack.com/database/wordpress/plugin/directorist-booking/vulnerability/wordpress-directorist-booking-plugin-2-4-1-sql-injection-vulnerabilitynvd

• Wordfence Intelligence Weekly WordPress Vulnerability Report (May 4, 2026 to May 10, 2026)
  Wordfence Blog · May 14, 2026
• KDE gets over €1 million investment to strengthen security and core infrastructure
  Help Net Security · May 13, 2026
• BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months
  SecurityWeek · May 12, 2026
• BWH Hotels guests warned after reservation data checks out with cybercrooks
  The Register Security · May 11, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
  Wordfence Blog · May 7, 2026
• The 2026 World Cup scam economy is already running before the first whistle
  Malwarebytes Labs · May 4, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
  Wordfence Blog · Apr 30, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 13, 2026 to April 19, 2026)
  Wordfence Blog · Apr 23, 2026
• How cyberattacks on companies affect everyone
  Malwarebytes Labs · Apr 23, 2026
• Moving past bots vs. humans
  Cloudflare Blog · Apr 21, 2026
• 20th April – Threat Intelligence Report
  Check Point Research · Apr 20, 2026
• Strengthening cyber resilience across the NHS with collaboration and innovation
  NCSC UK · Apr 17, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (April 6, 2026 to April 12, 2026)
  Wordfence Blog · Apr 16, 2026
• Risky Business #833 -- The Great Mythos Freakout of 2026
  Risky Business · Apr 15, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
  Wordfence Blog · Apr 9, 2026
• 6th April – Threat Intelligence Report
  Check Point Research · Apr 6, 2026
• Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)
  Wordfence Blog · Apr 2, 2026
• SpiceJet Online Booking System
  CISA Alerts