Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.4 views

CVE-2022-0920

The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data...

7.5CVSS6.8AI score0.01431EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.4 views

WordPress plugin Salon booking system 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

5.4CVSS6.4AI score0.00124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/05 12:27 p.m.12 views

CVE-2024-47316 WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9...

4.3CVSS6.9AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.6 views

WordPress Plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

9.1CVSS6.8AI score0.01236EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.7 views

WordPress plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

7.2CVSS8.6AI score0.00524EPSS
Exploits0References2
OSV
OSV
added 2024/04/17 5:15 a.m.3 views

CVE-2024-2102

The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field and 'smsprefix' parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the...

4.7CVSS5.8AI score0.00464EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/04/11 3:15 p.m.4 views

CVE-2022-0920

The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data...

7.5CVSS7.2AI score0.01431EPSS
Exploits2References2
Rows per page
Query Builder