Search criteria
44 vulnerabilities found for salon_booking_system by salonbookingsystem
CVE-2024-9882 (GCVE-0-2024-9882)
Vulnerability from nvd – Published: 2025-05-15 20:07 – Updated: 2025-05-17 02:52
VLAI?
Title
Salon Booking System < 10.9.4 - Admin+ Stored XSS
Summary
The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses |
Affected:
0 , < 1.9.4
(semver)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-9882",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T02:52:27.833551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-17T02:52:59.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System, Appointment Scheduling for Salons, Spas \u0026 Small Businesses",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.9.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon Booking System, Appointment Scheduling for Salons, Spas \u0026 Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:07:24.507Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7f7667fd-6ac6-4c90-aaf0-c7862bd8e9bd/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon Booking System \u003c 10.9.4 - Admin+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-9882",
"datePublished": "2025-05-15T20:07:24.507Z",
"dateReserved": "2024-10-11T18:34:52.655Z",
"dateUpdated": "2025-05-17T02:52:59.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32220 (GCVE-0-2025-32220)
Vulnerability from nvd – Published: 2025-04-04 15:59 – Updated: 2025-04-04 20:11
VLAI?
Title
WordPress Salon Booking System plugin <= 10.10.7 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon booking system: from n/a through 10.10.7.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dimitri Grassi | Salon booking system |
Affected:
n/a , ≤ 10.10.7
(custom)
|
Credits
NAWardRox (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-04T19:52:43.033033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-04T20:11:29.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Dimitri Grassi",
"versions": [
{
"lessThanOrEqual": "10.10.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NAWardRox (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.10.7.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon booking system: from n/a through 10.10.7."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-04T15:59:14.531Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-10-7-broken-access-control-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.10.7 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-32220",
"datePublished": "2025-04-04T15:59:14.531Z",
"dateReserved": "2025-04-04T10:01:42.465Z",
"dateUpdated": "2025-04-04T20:11:29.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-31560 (GCVE-0-2025-31560)
Vulnerability from nvd – Published: 2025-04-01 20:58 – Updated: 2025-04-02 13:21
VLAI?
Title
WordPress Salon booking system plugin <= 10.11 - Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.11.
Severity ?
7.2 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dimitri Grassi | Salon booking system |
Affected:
n/a , ≤ 10.11
(custom)
|
Credits
Revan Arifio (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T13:20:55.924910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T13:21:04.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Dimitri Grassi",
"versions": [
{
"lessThanOrEqual": "10.11",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Revan Arifio (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIncorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation.\u003c/p\u003e\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.11.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.11."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-01T20:58:12.843Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-11-privilege-escalation-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c= 10.11 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-31560",
"datePublished": "2025-04-01T20:58:12.843Z",
"dateReserved": "2025-03-31T10:05:35.681Z",
"dateUpdated": "2025-04-02T13:21:04.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47316 (GCVE-0-2024-47316)
Vulnerability from nvd – Published: 2024-10-05 12:27 – Updated: 2024-10-07 14:14
VLAI?
Title
WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.9
(custom)
|
Credits
Sharanabasappa (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T14:14:44.018920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T14:14:56.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.9.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sharanabasappa (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.9.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-05T12:27:13.140Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-wordpress-plugin-plugin-10-9-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.9.1 or a higher version."
}
],
"value": "Update to 10.9.1 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking Wordpress Plugin plugin \u003c= 10.9 - Insecure Direct Object References (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-47316",
"datePublished": "2024-10-05T12:27:13.140Z",
"dateReserved": "2024-09-24T13:00:24.006Z",
"dateUpdated": "2024-10-07T14:14:56.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39658 (GCVE-0-2024-39658)
Vulnerability from nvd – Published: 2024-08-29 14:42 – Updated: 2024-08-29 15:41
VLAI?
Title
WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7.
Severity ?
7.6 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.7
(custom)
|
Credits
justakazh (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T15:41:03.659712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:41:14.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "justakazh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:42:19.396Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-7-authenticated-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.8 or a higher version."
}
],
"value": "Update to 10.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.7 - Authenticated SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-39658",
"datePublished": "2024-08-29T14:42:19.396Z",
"dateReserved": "2024-06-26T21:19:06.155Z",
"dateUpdated": "2024-08-29T15:41:14.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43280 (GCVE-0-2024-43280)
Vulnerability from nvd – Published: 2024-08-19 17:45 – Updated: 2024-08-19 18:30
VLAI?
Title
WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.8.1
(custom)
|
Credits
Le Ngoc Anh (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T18:30:10.236616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:30:16.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.8.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Le Ngoc Anh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Salon Booking System Salon booking system.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.8.1.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T17:45:39.639Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-8-1-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.9 or a higher version."
}
],
"value": "Update to 10.9 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.8.1 - Open Redirection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-43280",
"datePublished": "2024-08-19T17:45:39.639Z",
"dateReserved": "2024-08-09T09:21:05.083Z",
"dateUpdated": "2024-08-19T18:30:16.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37231 (GCVE-0-2024-37231)
Vulnerability from nvd – Published: 2024-06-24 12:39 – Updated: 2024-08-02 03:50
VLAI?
Title
WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9.
Severity ?
8.6 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 9.9
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T13:18:45.432246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T13:19:17.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-9-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Salon Booking System Salon booking system allows File Manipulation.\u003cp\u003eThis issue affects Salon booking system: from n/a through 9.9.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T12:39:16.964Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-9-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.0 or a higher version."
}
],
"value": "Update to 10.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c= 9.9 - Arbitrary File Deletion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37231",
"datePublished": "2024-06-24T12:39:16.964Z",
"dateReserved": "2024-06-04T16:46:21.941Z",
"dateUpdated": "2024-08-02T03:50:55.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3229 (GCVE-0-2024-3229)
Vulnerability from nvd – Published: 2024-06-19 04:31 – Updated: 2024-08-01 20:05
VLAI?
Title
Salon Booking System <= 10.2 - Unauthenticated Arbitrary File Upload
Summary
The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity ?
9.8 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon Booking System |
Affected:
* , ≤ 10.2
(semver)
|
Credits
Gibran Abdillah
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "10.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T17:21:31.427393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T17:22:38.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bbbf5be-5c0a-4514-88ac-003083c0bba3?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3103584/salon-booking-system/trunk/src/SLN/Action/Ajax/ImportAssistants.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "10.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gibran Abdillah"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T04:31:58.762Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bbbf5be-5c0a-4514-88ac-003083c0bba3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3103584/salon-booking-system/trunk/src/SLN/Action/Ajax/ImportAssistants.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-18T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon Booking System \u003c= 10.2 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3229",
"datePublished": "2024-06-19T04:31:58.762Z",
"dateReserved": "2024-04-02T18:36:30.231Z",
"dateUpdated": "2024-08-01T20:05:08.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4468 (GCVE-0-2024-4468)
Vulnerability from nvd – Published: 2024-06-08 07:37 – Updated: 2024-08-01 20:40
VLAI?
Title
Salon booking system <= 9.9 - Missing Authorization
Summary
The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users.
Severity ?
4.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon Booking System |
Affected:
* , ≤ 9.9
(semver)
|
Credits
Stephanie Walters
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T20:02:36.336405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T15:14:32.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:47.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stephanie Walters"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-08T07:37:38.584Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-07T19:08:35.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon booking system \u003c= 9.9 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4468",
"datePublished": "2024-06-08T07:37:38.584Z",
"dateReserved": "2024-05-03T13:03:51.214Z",
"dateUpdated": "2024-08-01T20:40:47.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4442 (GCVE-0-2024-4442)
Vulnerability from nvd – Published: 2024-05-21 06:49 – Updated: 2024-08-01 20:40
VLAI?
Title
Salon booking system <= 9.8 - Unauthenticated Arbitrary File Deletion
Summary
The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.
Severity ?
9.1 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon booking system |
Affected:
* , ≤ 9.8
(semver)
|
Credits
István Márton
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T14:25:28.687766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:54:19.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:47.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon booking system",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T06:49:55.436Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-02T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-05-07T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-05-17T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon booking system \u003c= 9.8 - Unauthenticated Arbitrary File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4442",
"datePublished": "2024-05-21T06:49:55.436Z",
"dateReserved": "2024-05-02T18:37:46.843Z",
"dateUpdated": "2024-08-01T20:40:47.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48319 (GCVE-0-2023-48319)
Vulnerability from nvd – Published: 2024-05-17 08:37 – Updated: 2024-08-02 21:23
VLAI?
Title
WordPress Salon booking system plugin < 8.7 - Editor+ Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6.
Severity ?
6.8 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 8.6
(custom)
|
Credits
lttn (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salon_booking_system:salon_booking_system:8.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salon_booking_system",
"versions": [
{
"lessThanOrEqual": "8.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T15:19:43.582631Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:31.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "8.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "lttn (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.\u003cp\u003eThis issue affects Salon booking system: from n/a through 8.6.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T08:37:58.120Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 8.7 or a higher version."
}
],
"value": "Update to 8.7 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c 8.7 - Editor+ Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-48319",
"datePublished": "2024-05-17T08:37:58.120Z",
"dateReserved": "2023-11-14T21:42:18.495Z",
"dateUpdated": "2024-08-02T21:23:39.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2603 (GCVE-0-2024-2603)
Vulnerability from nvd – Published: 2024-04-26 05:00 – Updated: 2024-08-01 19:18
VLAI?
Title
Salon booking system <= 9.6.5 - Editor+ Stored XSS via Email Settings
Summary
The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity ?
6.3 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
Bob Matyas
WPScan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salon_booking_system:salon_booking_system:9.6.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salon_booking_system",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T17:13:36.260271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:27.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/b4186c03-99ee-4297-85c0-83b7053afc1c/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bob Matyas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:03.262Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/b4186c03-99ee-4297-85c0-83b7053afc1c/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Editor+ Stored XSS via Email Settings",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2603",
"datePublished": "2024-04-26T05:00:03.262Z",
"dateReserved": "2024-03-18T15:24:49.174Z",
"dateUpdated": "2024-08-01T19:18:48.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2439 (GCVE-0-2024-2439)
Vulnerability from nvd – Published: 2024-04-26 05:00 – Updated: 2025-03-28 23:18
VLAI?
Title
Salon booking system <= 9.6.5 - Editor+ Stored XSS
Summary
The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-26T19:22:05.962124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T23:18:24.442Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7a375077-fc70-4389-b109-28fce3db2aef/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:03.082Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7a375077-fc70-4389-b109-28fce3db2aef/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Editor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2439",
"datePublished": "2024-04-26T05:00:03.082Z",
"dateReserved": "2024-03-13T21:10:46.421Z",
"dateUpdated": "2025-03-28T23:18:24.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2429 (GCVE-0-2024-2429)
Vulnerability from nvd – Published: 2024-04-26 05:00 – Updated: 2024-08-09 20:00
VLAI?
Title
Salon booking system <= 9.6.5 - Settings Update via CSRF
Summary
The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Severity ?
4.3 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
Bob Matyas
WPScan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/1c6812d8-a218-4c15-9e2d-d43f3f3b0e78/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2429",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T19:58:36.252838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T20:00:15.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bob Matyas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:02.847Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/1c6812d8-a218-4c15-9e2d-d43f3f3b0e78/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Settings Update via CSRF",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2429",
"datePublished": "2024-04-26T05:00:02.847Z",
"dateReserved": "2024-03-13T15:38:04.813Z",
"dateUpdated": "2024-08-09T20:00:15.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2102 (GCVE-0-2024-2102)
Vulnerability from nvd – Published: 2024-04-17 05:00 – Updated: 2024-08-01 19:03
VLAI?
Title
Salon booking system < 9.6.3 - Unauthenticated Stored XSS
Summary
The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field and 'sms_prefix' parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Bookings' page and the malicious script is executed in the admin context.
Severity ?
4.7 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , < 9.6.3
(semver)
|
Credits
WPScan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThan": "9.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2102",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T14:22:51.424894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T21:11:29.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:38.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/3d15f589-956c-4c71-98b1-3ba89d22262c/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the \u0027Mobile Phone\u0027 field and \u0027sms_prefix\u0027 parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the \u0027Bookings\u0027 page and the malicious script is executed in the admin context."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T05:00:02.737Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/3d15f589-956c-4c71-98b1-3ba89d22262c/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c 9.6.3 - Unauthenticated Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2102",
"datePublished": "2024-04-17T05:00:02.737Z",
"dateReserved": "2024-03-01T16:20:45.609Z",
"dateUpdated": "2024-08-01T19:03:38.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2101 (GCVE-0-2024-2101)
Vulnerability from nvd – Published: 2024-04-17 05:00 – Updated: 2024-08-01 19:03
VLAI?
Title
WordPress Plugin Salon Booking System < 9.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
Summary
The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Customers' page and the malicious script is executed in the admin context.
Severity ?
5.7 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , < 9.6.3
(semver)
|
Credits
Priyanka Pande
WPScan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "9.6.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2101",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T20:56:46.856425Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:56:45.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:38.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/b3a0bb3f-50b2-4dcb-b23c-b08480363a4a/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThan": "9.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Priyanka Pande"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the \u0027Mobile Phone\u0027 field when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the \u0027Customers\u0027 page and the malicious script is executed in the admin context."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T05:00:02.552Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/b3a0bb3f-50b2-4dcb-b23c-b08480363a4a/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Plugin Salon Booking System \u003c 9.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2101",
"datePublished": "2024-04-17T05:00:02.552Z",
"dateReserved": "2024-03-01T16:17:36.665Z",
"dateUpdated": "2024-08-01T19:03:38.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9882 (GCVE-0-2024-9882)
Vulnerability from cvelistv5 – Published: 2025-05-15 20:07 – Updated: 2025-05-17 02:52
VLAI?
Title
Salon Booking System < 10.9.4 - Admin+ Stored XSS
Summary
The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses |
Affected:
0 , < 1.9.4
(semver)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-9882",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T02:52:27.833551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-17T02:52:59.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System, Appointment Scheduling for Salons, Spas \u0026 Small Businesses",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.9.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon Booking System, Appointment Scheduling for Salons, Spas \u0026 Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:07:24.507Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7f7667fd-6ac6-4c90-aaf0-c7862bd8e9bd/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon Booking System \u003c 10.9.4 - Admin+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-9882",
"datePublished": "2025-05-15T20:07:24.507Z",
"dateReserved": "2024-10-11T18:34:52.655Z",
"dateUpdated": "2025-05-17T02:52:59.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32220 (GCVE-0-2025-32220)
Vulnerability from cvelistv5 – Published: 2025-04-04 15:59 – Updated: 2025-04-04 20:11
VLAI?
Title
WordPress Salon Booking System plugin <= 10.10.7 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon booking system: from n/a through 10.10.7.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dimitri Grassi | Salon booking system |
Affected:
n/a , ≤ 10.10.7
(custom)
|
Credits
NAWardRox (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-04T19:52:43.033033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-04T20:11:29.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Dimitri Grassi",
"versions": [
{
"lessThanOrEqual": "10.10.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NAWardRox (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.10.7.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon booking system: from n/a through 10.10.7."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-04T15:59:14.531Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-10-7-broken-access-control-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.10.7 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-32220",
"datePublished": "2025-04-04T15:59:14.531Z",
"dateReserved": "2025-04-04T10:01:42.465Z",
"dateUpdated": "2025-04-04T20:11:29.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-31560 (GCVE-0-2025-31560)
Vulnerability from cvelistv5 – Published: 2025-04-01 20:58 – Updated: 2025-04-02 13:21
VLAI?
Title
WordPress Salon booking system plugin <= 10.11 - Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.11.
Severity ?
7.2 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dimitri Grassi | Salon booking system |
Affected:
n/a , ≤ 10.11
(custom)
|
Credits
Revan Arifio (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T13:20:55.924910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T13:21:04.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Dimitri Grassi",
"versions": [
{
"lessThanOrEqual": "10.11",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Revan Arifio (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIncorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation.\u003c/p\u003e\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.11.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.11."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-01T20:58:12.843Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-11-privilege-escalation-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c= 10.11 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-31560",
"datePublished": "2025-04-01T20:58:12.843Z",
"dateReserved": "2025-03-31T10:05:35.681Z",
"dateUpdated": "2025-04-02T13:21:04.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47316 (GCVE-0-2024-47316)
Vulnerability from cvelistv5 – Published: 2024-10-05 12:27 – Updated: 2024-10-07 14:14
VLAI?
Title
WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability
Summary
Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.9
(custom)
|
Credits
Sharanabasappa (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T14:14:44.018920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T14:14:56.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.9.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sharanabasappa (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.9.\u003c/p\u003e"
}
],
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-05T12:27:13.140Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-wordpress-plugin-plugin-10-9-insecure-direct-object-references-idor-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.9.1 or a higher version."
}
],
"value": "Update to 10.9.1 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking Wordpress Plugin plugin \u003c= 10.9 - Insecure Direct Object References (IDOR) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-47316",
"datePublished": "2024-10-05T12:27:13.140Z",
"dateReserved": "2024-09-24T13:00:24.006Z",
"dateUpdated": "2024-10-07T14:14:56.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39658 (GCVE-0-2024-39658)
Vulnerability from cvelistv5 – Published: 2024-08-29 14:42 – Updated: 2024-08-29 15:41
VLAI?
Title
WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7.
Severity ?
7.6 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.7
(custom)
|
Credits
justakazh (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T15:41:03.659712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:41:14.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "justakazh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:42:19.396Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-7-authenticated-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.8 or a higher version."
}
],
"value": "Update to 10.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.7 - Authenticated SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-39658",
"datePublished": "2024-08-29T14:42:19.396Z",
"dateReserved": "2024-06-26T21:19:06.155Z",
"dateUpdated": "2024-08-29T15:41:14.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43280 (GCVE-0-2024-43280)
Vulnerability from cvelistv5 – Published: 2024-08-19 17:45 – Updated: 2024-08-19 18:30
VLAI?
Title
WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 10.8.1
(custom)
|
Credits
Le Ngoc Anh (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T18:30:10.236616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:30:16.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.8.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Le Ngoc Anh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Salon Booking System Salon booking system.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.8.1.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T17:45:39.639Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-8-1-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.9 or a higher version."
}
],
"value": "Update to 10.9 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.8.1 - Open Redirection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-43280",
"datePublished": "2024-08-19T17:45:39.639Z",
"dateReserved": "2024-08-09T09:21:05.083Z",
"dateUpdated": "2024-08-19T18:30:16.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37231 (GCVE-0-2024-37231)
Vulnerability from cvelistv5 – Published: 2024-06-24 12:39 – Updated: 2024-08-02 03:50
VLAI?
Title
WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9.
Severity ?
8.6 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 9.9
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T13:18:45.432246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T13:19:17.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-9-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Salon Booking System Salon booking system allows File Manipulation.\u003cp\u003eThis issue affects Salon booking system: from n/a through 9.9.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T12:39:16.964Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-9-9-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.0 or a higher version."
}
],
"value": "Update to 10.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c= 9.9 - Arbitrary File Deletion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-37231",
"datePublished": "2024-06-24T12:39:16.964Z",
"dateReserved": "2024-06-04T16:46:21.941Z",
"dateUpdated": "2024-08-02T03:50:55.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3229 (GCVE-0-2024-3229)
Vulnerability from cvelistv5 – Published: 2024-06-19 04:31 – Updated: 2024-08-01 20:05
VLAI?
Title
Salon Booking System <= 10.2 - Unauthenticated Arbitrary File Upload
Summary
The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity ?
9.8 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon Booking System |
Affected:
* , ≤ 10.2
(semver)
|
Credits
Gibran Abdillah
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "10.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T17:21:31.427393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T17:22:38.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bbbf5be-5c0a-4514-88ac-003083c0bba3?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3103584/salon-booking-system/trunk/src/SLN/Action/Ajax/ImportAssistants.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "10.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gibran Abdillah"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T04:31:58.762Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bbbf5be-5c0a-4514-88ac-003083c0bba3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3103584/salon-booking-system/trunk/src/SLN/Action/Ajax/ImportAssistants.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-18T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon Booking System \u003c= 10.2 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3229",
"datePublished": "2024-06-19T04:31:58.762Z",
"dateReserved": "2024-04-02T18:36:30.231Z",
"dateUpdated": "2024-08-01T20:05:08.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4468 (GCVE-0-2024-4468)
Vulnerability from cvelistv5 – Published: 2024-06-08 07:37 – Updated: 2024-08-01 20:40
VLAI?
Title
Salon booking system <= 9.9 - Missing Authorization
Summary
The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users.
Severity ?
4.3 (Medium)
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon Booking System |
Affected:
* , ≤ 9.9
(semver)
|
Credits
Stephanie Walters
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T20:02:36.336405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T15:14:32.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:47.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stephanie Walters"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-08T07:37:38.584Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-07T19:08:35.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon booking system \u003c= 9.9 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4468",
"datePublished": "2024-06-08T07:37:38.584Z",
"dateReserved": "2024-05-03T13:03:51.214Z",
"dateUpdated": "2024-08-01T20:40:47.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4442 (GCVE-0-2024-4442)
Vulnerability from cvelistv5 – Published: 2024-05-21 06:49 – Updated: 2024-08-01 20:40
VLAI?
Title
Salon booking system <= 9.8 - Unauthenticated Arbitrary File Deletion
Summary
The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.
Severity ?
9.1 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon booking system |
Affected:
* , ≤ 9.8
(semver)
|
Credits
István Márton
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T14:25:28.687766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:54:19.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:47.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon booking system",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T06:49:55.436Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-02T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-05-07T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-05-17T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon booking system \u003c= 9.8 - Unauthenticated Arbitrary File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4442",
"datePublished": "2024-05-21T06:49:55.436Z",
"dateReserved": "2024-05-02T18:37:46.843Z",
"dateUpdated": "2024-08-01T20:40:47.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48319 (GCVE-0-2023-48319)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:37 – Updated: 2024-08-02 21:23
VLAI?
Title
WordPress Salon booking system plugin < 8.7 - Editor+ Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6.
Severity ?
6.8 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Affected:
n/a , ≤ 8.6
(custom)
|
Credits
lttn (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salon_booking_system:salon_booking_system:8.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salon_booking_system",
"versions": [
{
"lessThanOrEqual": "8.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T15:19:43.582631Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:31.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "8.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "lttn (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.\u003cp\u003eThis issue affects Salon booking system: from n/a through 8.6.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T08:37:58.120Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 8.7 or a higher version."
}
],
"value": "Update to 8.7 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon booking system plugin \u003c 8.7 - Editor+ Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-48319",
"datePublished": "2024-05-17T08:37:58.120Z",
"dateReserved": "2023-11-14T21:42:18.495Z",
"dateUpdated": "2024-08-02T21:23:39.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2603 (GCVE-0-2024-2603)
Vulnerability from cvelistv5 – Published: 2024-04-26 05:00 – Updated: 2024-08-01 19:18
VLAI?
Title
Salon booking system <= 9.6.5 - Editor+ Stored XSS via Email Settings
Summary
The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity ?
6.3 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
Bob Matyas
WPScan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salon_booking_system:salon_booking_system:9.6.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "salon_booking_system",
"vendor": "salon_booking_system",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T17:13:36.260271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:27.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:48.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/b4186c03-99ee-4297-85c0-83b7053afc1c/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bob Matyas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:03.262Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/b4186c03-99ee-4297-85c0-83b7053afc1c/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Editor+ Stored XSS via Email Settings",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2603",
"datePublished": "2024-04-26T05:00:03.262Z",
"dateReserved": "2024-03-18T15:24:49.174Z",
"dateUpdated": "2024-08-01T19:18:48.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2439 (GCVE-0-2024-2439)
Vulnerability from cvelistv5 – Published: 2024-04-26 05:00 – Updated: 2025-03-28 23:18
VLAI?
Title
Salon booking system <= 9.6.5 - Editor+ Stored XSS
Summary
The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-26T19:22:05.962124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T23:18:24.442Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7a375077-fc70-4389-b109-28fce3db2aef/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:03.082Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7a375077-fc70-4389-b109-28fce3db2aef/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Editor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2439",
"datePublished": "2024-04-26T05:00:03.082Z",
"dateReserved": "2024-03-13T21:10:46.421Z",
"dateUpdated": "2025-03-28T23:18:24.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2429 (GCVE-0-2024-2429)
Vulnerability from cvelistv5 – Published: 2024-04-26 05:00 – Updated: 2024-08-09 20:00
VLAI?
Title
Salon booking system <= 9.6.5 - Settings Update via CSRF
Summary
The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Severity ?
4.3 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Salon booking system |
Affected:
0 , ≤ 9.6.5
(semver)
|
Credits
Bob Matyas
WPScan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/1c6812d8-a218-4c15-9e2d-d43f3f3b0e78/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "salon_booking_system",
"vendor": "salonbookingsystem",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-2429",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T19:58:36.252838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T20:00:15.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "9.6.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bob Matyas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-26T05:00:02.847Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/1c6812d8-a218-4c15-9e2d-d43f3f3b0e78/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c= 9.6.5 - Settings Update via CSRF",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-2429",
"datePublished": "2024-04-26T05:00:02.847Z",
"dateReserved": "2024-03-13T15:38:04.813Z",
"dateUpdated": "2024-08-09T20:00:15.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}