Salon Booking System Security Vulnerabilities and Issues — Salon Booking System CVE List

Lucene search

SalonbookingsystemSalon Booking System

3 matches found

CVE•added 2024/06/19 5:15 a.m.•59 views

CVE-2024-3229

The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated a...

9.8CVSS9.9AI score0.10762EPSS

CVE•added 2024/06/24 1:15 p.m.•50 views

CVE-2024-37231

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9.

9.1CVSS8.6AI score0.00107EPSS

CVE•added 2024/06/08 8:15 a.m.•39 views

CVE-2024-4468

The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber acc...

5.4CVSS4.7AI score0.00421EPSS