Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Salon booking system — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in Salon booking system, with AI-generated Chinese analysis, references, and POCs.

Vendor: Salon Booking System

CVE IDTitleCVSSSeverityPublished
CVE-2025-67954 WordPress Salon booking system plugin <= 10.30.3 - Sensitive Data Exposure vulnerability CWE-497 7.5AIHighAI2026-01-22
CVE-2025-66531 WordPress Salon booking system plugin <= 10.30.3 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2025-12-09
CVE-2025-47583 WordPress Salon booking system plugin <= 10.16 - CSRF to Arbitrary Content Deletion vulnerability CWE-352 5.4 Medium2025-05-19
CVE-2025-32220 WordPress Salon booking system plugin <= 10.30.26 - Broken Access Control vulnerability CWE-862 5.4 Medium2025-04-04
CVE-2025-31560 WordPress Salon booking system plugin < 10.15 - Privilege Escalation vulnerability CWE-266 7.2 High2025-04-01
CVE-2024-47316 WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability CWE-639 4.3 Medium2024-10-05
CVE-2024-39658 WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability CWE-89 7.6 High2024-08-29
CVE-2024-43280 WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability CWE-601 4.7 Medium2024-08-19
CVE-2024-37231 WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability CWE-22 8.6 High2024-06-24
CVE-2023-48319 WordPress Salon booking system plugin < 8.7 - Editor+ Privilege Escalation vulnerability CWE-269 6.8 Medium2024-05-17
CVE-2024-2603 Salon booking system <= 9.6.5 - Editor+ Stored XSS via Email Settings 4.8AIMediumAI2024-04-26
CVE-2024-2429 Salon booking system <= 9.6.5 - Settings Update via CSRF 4.3AIMediumAI2024-04-26
CVE-2024-2439 Salon booking system <= 9.6.5 - Editor+ Stored XSS 4.8AIMediumAI2024-04-26
CVE-2024-2102 Salon booking system < 9.6.3 - Unauthenticated Stored XSS 5.4AIMediumAI2024-04-17
CVE-2024-2101 WordPress Plugin Salon Booking System < 9.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS) 5.4AIMediumAI2024-04-17
CVE-2024-30510 WordPress Salon booking system plugin <= 9.5 - Arbitrary File Upload vulnerability CWE-434 10.0 Critical2024-03-29
CVE-2022-43487 WordPress plugin Salon booking system 跨站脚本漏洞 6.1 -2022-12-05
CVE-2022-0920 Salon booking system < 7.6.3 - Customer+ Bookings/Customers Data Disclosure CWE-863 7.5 -2022-04-11
CVE-2022-0919 Salon booking system < 7.6.3 - Unauthenticated Sensitive Data Disclosure CWE-862 5.3 -2022-04-11
CVE-2021-24429 Salon Booking System < 6.3.1 - Unauthenticated Stored Cross-Site Scripting (XSS) CWE-79 5.4 -2021-07-12

All 20 known CVE vulnerabilities affecting Salon booking system with full Chinese analysis, references, and POCs where available.