CVE-2018-20556 SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter. Source: NIST March 21, 2019 by admin Uncategorized