Pinpoint Booking System allows unauthorized access to bookings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Pinpoint Booking System allows unauthorized access to bookings

CVE-2026-39678

Summary

A security issue in the Pinpoint Booking System allows unauthorized users to access and potentially manipulate booking information. This affects all versions up to 2.9.9.6.5. To stay secure, update to the latest version of the system.

Original title

Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinpoint Booking ...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/booking-system/vulnerability/wo...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026