Salon Booking System Security Vulnerabilities and Issues — Salon Booking System CVE List

Lucene search

SalonbookingsystemSalon Booking System

4 matches found

CVE•added 2024/04/26 5:15 a.m.•62 views

CVE-2024-2603

The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks e...

6.3CVSS7.6AI score0.00127EPSS

CVE•added 2024/08/19 6:15 p.m.•38 views

CVE-2024-43280

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1.

6.1CVSS4.8AI score0.00078EPSS

CVE•added 2022/12/05 4:15 a.m.•33 views

CVE-2022-43487

Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.

6.1CVSS6.1AI score0.00879EPSS

CVE•added 2021/07/12 8:15 p.m.•31 views

CVE-2021-24429

The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will th...

6.1CVSS5.8AI score0.01192EPSS