Vulnerabilities > Salonbookingsystem > Salon Booking System > 9.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-04 | CVE-2025-32220 | Missing Authorization vulnerability in Salonbookingsystem Salon Booking System Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. | 8.8 |
| 2025-04-01 | CVE-2025-31560 | Incorrect Privilege Assignment vulnerability in Salonbookingsystem Salon Booking System Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. | 7.2 |
| 2024-10-05 | CVE-2024-47316 | Authorization Bypass Through User-Controlled Key vulnerability in Salonbookingsystem Salon Booking System Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9. | 8.8 |
| 2024-08-19 | CVE-2024-43280 | Open Redirect vulnerability in Salonbookingsystem Salon Booking System URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1. | 6.1 |
| 2024-06-24 | CVE-2024-37231 | Unspecified vulnerability in Salonbookingsystem Salon Booking System Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9. | 9.1 |
| 2024-06-08 | CVE-2024-4468 | Missing Authorization vulnerability in Salonbookingsystem Salon Booking System The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. | 5.4 |
| 2024-05-21 | CVE-2024-4442 | Path Traversal vulnerability in Salonbookingsystem Salon Booking System The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. | 9.1 |