CVE-2026-11823: WordPress BookingPress Plugin SQL Injection via Service Date Parameter — Casky — Casky