CVE-2026-12378: WordPress Booking Plugin PHP Deserialization Remote Code Execution — Casky — Casky