Known Vulnerabilities for products from Salonbookingsystem

Listed below are 8 of the newest known vulnerabilities associated with the vendor "Salonbookingsystem".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2025-32220	Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly...	Not Provided	2025-04-04	2026-04-01
CVE-2025-31560	Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Privilege Esc...	Not Provided	2025-04-01	2026-04-01
CVE-2024-47316	Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking system salon-booking-system.Th...	Not Provided	2024-10-05	2026-04-01
CVE-2023-3427	The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8...	4.3 - MEDIUM	2023-06-28	2023-11-07
CVE-2022-43487	Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to ...	6.1 - MEDIUM	2022-12-05	2022-12-06
CVE-2022-0920	The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoint...	7.5 - HIGH	2022-04-11	2022-04-15
CVE-2022-0919	The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings...	5.3 - MEDIUM	2022-04-11	2022-04-15
CVE-2021-24429	The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when bookin...	6.1 - MEDIUM	2021-07-12	2021-07-15