Impact
The Salon Booking System WordPress plugin before version 10.30.20 is missing an authorization (capability) check on an AJAX action that modifies booking approvals. Any authenticated user of the WordPress site, including an account with the subscriber role, can invoke that action and change a setting that normally forces bookings through manual approval, so bookings are approved without review. This bypasses the plugin's intended access control and can lead to fraudulent or unauthorized appointments, compromising the integrity of the booking data.
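The pattern behind this class of bug, as an added illustration that is not the plugin's own code: a `wp_ajax_*` handler is reachable by every logged-in user, so if the handler does not itself check a capability, a subscriber can flip the setting. The action names, option key and nonce action below are hypothetical placeholders chosen for the example, not identifiers from the advisory.

```php
<?php
// Added example, not the plugin's code. All names here (actions, option key,
// nonce action) are hypothetical; only the pattern matters.

// VULNERABLE PATTERN: wp_ajax_* fires for any authenticated user, and the
// handler performs no capability check and no nonce check before writing
// the approval setting. A subscriber can POST mode=auto and disable oversight.
add_action( 'wp_ajax_example_set_booking_approval', 'example_set_booking_approval_vulnerable' );
function example_set_booking_approval_vulnerable() {
    $mode = isset( $_POST['mode'] ) ? sanitize_text_field( wp_unslash( $_POST['mode'] ) ) : '';
    update_option( 'example_booking_approval_mode', $mode ); // 'manual' -> 'auto'
    wp_send_json_success( array( 'mode' => $mode ) );
}

// HARDENED FORM: authorization first (who may change this?), then CSRF nonce
// (did an intended form submit it?), then strict validation of the value.
add_action( 'wp_ajax_example_set_booking_approval_safe', 'example_set_booking_approval_safe' );
function example_set_booking_approval_safe() {
    // Authorization: only users who may manage site options. This is the
    // check the vulnerable handler lacks; a nonce alone does not replace it.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 ); // calls wp_die()
    }

    // CSRF protection: nonce generated with wp_create_nonce( 'example_booking_approval' )
    // on the settings page; check_ajax_referer() dies with -1 on mismatch.
    check_ajax_referer( 'example_booking_approval', 'nonce' );

    // Allow-list the value instead of storing whatever was submitted.
    $mode = isset( $_POST['mode'] ) ? sanitize_text_field( wp_unslash( $_POST['mode'] ) ) : '';
    if ( ! in_array( $mode, array( 'manual', 'auto' ), true ) ) {
        wp_send_json_error( 'invalid mode', 400 );
    }

    update_option( 'example_booking_approval_mode', $mode );
    wp_send_json_success( array( 'mode' => $mode ) );
}
```

To confirm a fix on a test install, log in as a subscriber, POST `action=<handler>&mode=auto` to `/wp-admin/admin-ajax.php`, and check that the response is a 403 (or `-1` from the nonce check) and that the option value is unchanged. The order in the hardened handler is deliberate: the capability check is the authorization control, and the nonce only proves the request came from a page WordPress generated for that user, so a nonce check by itself would still let a subscriber change the setting from their own session.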
Affected Systems
WordPress plugin "Salon Booking System", versions up to and including 10.30.19 (fixed in 10.30.20). No other affected vendors or product versions have been reported.
Risk and Exploitability
No EPSS score is available and the vulnerability is not listed in CISA KEV. The attack vector is inferred to be a remote, authenticated user of the WordPress site. Because the missing check is an authorization check rather than an authentication check, any account that can log in, including one obtained through open registration where enabled, can call the vulnerable AJAX endpoint directly, so exploitation is straightforward once a session exists. The overall risk is rated moderate given the lack of public exploitation data and the requirement for an account, but the impact on booking integrity is significant for sites that allow self-registration or have many low-privilege users.
OpenCVE Enrichment