Vulnerabilites related to salonbookingsystem - salon_booking_system
Vulnerability from fkie_nvd
Published
2022-04-11 15:15
Modified
2024-11-21 06:39
Severity ?
Summary
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0AFD6C6A-880C-4655-B82E-30C6FFA6062C",
"versionEndExcluding": "7.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer\u0027s data"
},
{
"lang": "es",
"value": "Los plugins Salon booking system Free y Pro de WordPress versiones anteriores a 7.6.3, no presentan la autorizaci\u00f3n apropiada en algunos de sus endpoints, lo que podr\u00eda permitir a clientes acceder a todas las reservas y a los datos de otros clientes"
}
],
"id": "CVE-2022-0920",
"lastModified": "2024-11-21T06:39:40.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T15:15:08.737",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "contact@wpscan.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-08 08:15
Modified
2024-11-21 09:42
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "79686948-F4C5-4127-8EC5-877994B66A27",
"versionEndExcluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users."
},
{
"lang": "es",
"value": "El complemento Salon booking system para WordPress es vulnerable al acceso no autorizado y a la modificaci\u00f3n de datos debido a una falta de verificaci\u00f3n de capacidad en varias funciones conectadas a admin_init en todas las versiones hasta la 9.9 incluida. Esto hace posible que atacantes autenticados con acceso de suscriptor o superior modifiquen la configuraci\u00f3n del complemento y vean c\u00f3digos de descuento destinados a otros usuarios."
}
],
"id": "CVE-2024-4468",
"lastModified": "2024-11-21T09:42:53.103",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-08T08:15:08.870",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-05 04:15
Modified
2024-11-21 07:26
Severity ?
Summary
Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN59663854/index.html | Third Party Advisory | |
| vultures@jpcert.or.jp | https://wordpress.org/plugins/salon-booking-system/ | Product | |
| vultures@jpcert.or.jp | https://www.salonbookingsystem.com/ | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN59663854/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/salon-booking-system/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.salonbookingsystem.com/ | Product, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B779698D-E26D-4D25-8D44-D72252DFF6C3",
"versionEndExcluding": "7.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting en versiones del sistema de reservas Salon anteriores a la 7.9 permite a un atacante remoto no autenticado inyectar un script arbitrario."
}
],
"id": "CVE-2022-43487",
"lastModified": "2024-11-21T07:26:35.263",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-05T04:15:10.400",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN59663854/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
],
"url": "https://wordpress.org/plugins/salon-booking-system/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.salonbookingsystem.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN59663854/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://wordpress.org/plugins/salon-booking-system/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.salonbookingsystem.com/"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-12 20:15
Modified
2024-11-21 05:53
Severity ?
Summary
The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "DB7E43D9-5428-4BD6-AD92-C5DACACD8DD5",
"versionEndExcluding": "6.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the \"Calendar\" page and the malicious script is executed in the admin context."
},
{
"lang": "es",
"value": "El plugin de WordPress Salon booking system versiones anteriores a 6.3.1, no sanea ni escapa apropiadamente del campo First Name cuando se reserva una cita, permitiendo a usuarios pocos privilegiados, como los suscriptores, introducir JavaScript en ellos, conllevando a una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado. La carga \u00fatil ser\u00e1 desencadenada entonces cuando un administrador visite la p\u00e1gina \"Calendar\" y el script malicioso sea ejecutado en el contexto del administrador"
}
],
"id": "CVE-2021-24429",
"lastModified": "2024-11-21T05:53:03.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-12T20:15:09.410",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "contact@wpscan.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 15:15
Modified
2024-11-21 06:39
Severity ?
Summary
The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other's booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0AFD6C6A-880C-4655-B82E-30C6FFA6062C",
"versionEndExcluding": "7.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other\u0027s booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it."
},
{
"lang": "es",
"value": "Los plugins Salon booking system Free y pro de WordPress versiones anteriores a 7.6.3, no presentan la autorizaci\u00f3n apropiada cuando buscan reservas, lo que permite a cualquier usuario no autenticado buscar las reservas de otros, as\u00ed como recuperar informaci\u00f3n confidencial sobre las reservas, como el nombre completo, el correo electr\u00f3nico y el n\u00famero de tel\u00e9fono de la persona que las reserv\u00f3"
}
],
"id": "CVE-2022-0919",
"lastModified": "2024-11-21T06:39:40.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T15:15:08.690",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "contact@wpscan.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-28 02:15
Modified
2024-11-21 08:17
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the 'save_customer' function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "448FEF9C-79E4-447B-ACC5-E7EDDE3CBE0E",
"versionEndIncluding": "8.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the \u0027save_customer\u0027 function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"id": "CVE-2023-3427",
"lastModified": "2024-11-21T08:17:14.653",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-28T02:15:49.783",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2931406%40salon-booking-system\u0026new=2931406%40salon-booking-system\u0026sfp_email=\u0026sfph_mail="
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2931406%40salon-booking-system\u0026new=2931406%40salon-booking-system\u0026sfp_email=\u0026sfph_mail="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Modified"
}
Vulnerability from fkie_nvd
Published
2024-08-29 15:15
Modified
2024-09-13 21:04
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "40A7656D-C3F1-418D-822C-45AFF5FF243E",
"versionEndExcluding": "10.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL (\u0027Inyecci\u00f3n SQL\u0027) en Salon Booking System Salon booking system permite la inyecci\u00f3n SQL. Este problema afecta al sistema de reservas de salones: desde n/a hasta 10.7."
}
],
"id": "CVE-2024-39658",
"lastModified": "2024-09-13T21:04:24.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-29T15:15:27.493",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-7-authenticated-sql-injection-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "audit@patchstack.com",
"type": "Primary"
}
]
}
cve-2023-3427
Vulnerability from cvelistv5
Published
2023-06-28 01:48
Modified
2024-11-06 18:52
Severity ?
EPSS score ?
Summary
The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the 'save_customer' function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon booking system |
Version: * ≤ 8.4.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2931406%40salon-booking-system\u0026new=2931406%40salon-booking-system\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3427",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T18:52:11.496360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T18:52:24.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon booking system",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "8.4.7",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lana Codes"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the \u0027save_customer\u0027 function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-28T01:48:22.850Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2931406%40salon-booking-system\u0026new=2931406%40salon-booking-system\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2023-06-07T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2023-06-07T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2023-06-27T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-3427",
"datePublished": "2023-06-28T01:48:22.850Z",
"dateReserved": "2023-06-27T11:48:55.558Z",
"dateUpdated": "2024-11-06T18:52:24.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39658
Vulnerability from cvelistv5
Published
2024-08-29 14:42
Modified
2024-08-29 15:41
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T15:41:03.659712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:41:14.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "salon-booking-system",
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"changes": [
{
"at": "10.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "10.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "justakazh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.\u003cp\u003eThis issue affects Salon booking system: from n/a through 10.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking system: from n/a through 10.7."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:42:19.396Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-10-7-authenticated-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 10.8 or a higher version."
}
],
"value": "Update to 10.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Salon Booking System plugin \u003c= 10.7 - Authenticated SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-39658",
"datePublished": "2024-08-29T14:42:19.396Z",
"dateReserved": "2024-06-26T21:19:06.155Z",
"dateUpdated": "2024-08-29T15:41:14.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0920
Vulnerability from cvelistv5
Published
2022-04-11 14:40
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Unknown | Salon booking system |
Version: 7.6.3 < 7.6.3 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6.3",
"versionType": "custom"
}
]
},
{
"product": "Salon Booking System Pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huli from Cymetrics"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer\u0027s data"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T14:40:58",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c 7.6.3 - Customer+ Bookings/Customers Data Disclosure",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0920",
"STATE": "PUBLIC",
"TITLE": "Salon booking system \u003c 7.6.3 - Customer+ Bookings/Customers Data Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Salon booking system",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7.6.3",
"version_value": "7.6.3"
}
]
}
},
{
"product_name": "Salon Booking System Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7.6.3",
"version_value": "7.6.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Huli from Cymetrics"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer\u0027s data"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0920",
"datePublished": "2022-04-11T14:40:58",
"dateReserved": "2022-03-10T00:00:00",
"dateUpdated": "2024-08-02T23:47:42.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-4468
Vulnerability from cvelistv5
Published
2024-06-08 07:37
Modified
2024-08-01 20:40
Severity ?
EPSS score ?
Summary
The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wordpresschef | Salon Booking System |
Version: * ≤ 9.9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T20:02:36.336405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T15:14:32.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:40:47.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Salon Booking System",
"vendor": "wordpresschef",
"versions": [
{
"lessThanOrEqual": "9.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stephanie Walters"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-08T07:37:38.584Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10"
},
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-07T19:08:35.000+00:00",
"value": "Disclosed"
}
],
"title": "Salon booking system \u003c= 9.9 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4468",
"datePublished": "2024-06-08T07:37:38.584Z",
"dateReserved": "2024-05-03T13:03:51.214Z",
"dateUpdated": "2024-08-01T20:40:47.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0919
Vulnerability from cvelistv5
Published
2022-04-11 14:40
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other's booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Unknown | Salon booking system |
Version: 7.6.3 < 7.6.3 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Salon booking system",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6.3",
"versionType": "custom"
}
]
},
{
"product": "Salon Booking System Pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "7.6.3",
"status": "affected",
"version": "7.6.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huli from Cymetrics"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other\u0027s booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T14:40:56",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Salon booking system \u003c 7.6.3 - Unauthenticated Sensitive Data Disclosure",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0919",
"STATE": "PUBLIC",
"TITLE": "Salon booking system \u003c 7.6.3 - Unauthenticated Sensitive Data Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Salon booking system",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7.6.3",
"version_value": "7.6.3"
}
]
}
},
{
"product_name": "Salon Booking System Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7.6.3",
"version_value": "7.6.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Huli from Cymetrics"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other\u0027s booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0919",
"datePublished": "2022-04-11T14:40:56",
"dateReserved": "2022-03-10T00:00:00",
"dateUpdated": "2024-08-02T23:47:42.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-24429
Vulnerability from cvelistv5
Published
2021-07-12 19:20
Modified
2024-08-03 19:28
Severity ?
EPSS score ?
Summary
The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Version: 6.3.1 < 6.3.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:23.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"lessThan": "6.3.1",
"status": "affected",
"version": "6.3.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Phu Tran from techlabcorp.com"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the \"Calendar\" page and the malicious script is executed in the admin context."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-12T19:20:59",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Salon Booking System \u003c 6.3.1 - Unauthenticated Stored Cross-Site Scripting (XSS) ",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24429",
"STATE": "PUBLIC",
"TITLE": "Salon Booking System \u003c 6.3.1 - Unauthenticated Stored Cross-Site Scripting (XSS) "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Salon booking system",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.3.1",
"version_value": "6.3.1"
}
]
}
}
]
},
"vendor_name": "Salon Booking System"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Phu Tran from techlabcorp.com"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the \"Calendar\" page and the malicious script is executed in the admin context."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/e922b788-7da5-43b4-9b05-839c8610252a"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24429",
"datePublished": "2021-07-12T19:20:59",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:28:23.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43487
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Salon Booking System | Salon booking system |
Version: versions prior to 7.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:59.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/salon-booking-system/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.salonbookingsystem.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN59663854/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Salon booking system",
"vendor": "Salon Booking System",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-05T00:00:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://wordpress.org/plugins/salon-booking-system/"
},
{
"url": "https://www.salonbookingsystem.com/"
},
{
"url": "https://jvn.jp/en/jp/JVN59663854/index.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-43487",
"datePublished": "2022-12-05T00:00:00",
"dateReserved": "2022-10-22T00:00:00",
"dateUpdated": "2024-08-03T13:32:59.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}