Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass
Vulnerability Description
The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a Salon Booking System WordPress plugin before 10.30.20 setting and bypass the manual approval of new bookings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Salon Booking System 授权问题漏洞
Vulnerability Description
Dimitri Grassi Salon booking system是意大利Dimitri Grassi个人开发者的一个理发店预约系统。 WordPress Salon Booking System 10.30.20之前版本存在授权问题漏洞,该漏洞源于对某AJAX操作的授权检查不当,可能导致任何已认证用户(如订阅者)修改设置并绕过新预订的手动审批。
CVSS Information
N/A
Vulnerability Type
N/A