Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
7DescriptionCVE.org
Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through < 10.30.12.
AnalysisAI
An Incorrect Privilege Assignment vulnerability (CWE-266) exists in the Salon Booking System Pro WordPress plugin versions prior to 10.30.12, allowing attackers to escalate privileges and potentially achieve account takeover. The vulnerability affects all versions of the salon-booking-plugin-pro from an unspecified baseline through version 10.30.11. This privilege escalation can be exploited by unauthenticated or low-privileged attackers to gain unauthorized administrative access to the booking system.
Technical ContextAI
The vulnerability resides in the wordpresschef Salon Booking System Pro plugin (CPE: cpe:2.3:a:wordpresschef:salon_booking_system_pro), a WordPress plugin designed to manage salon appointment bookings. The root cause is classified under CWE-266 (Incorrect Privilege Assignment), which occurs when a system assigns privileges incorrectly, allowing attackers to perform actions they should not be permitted to execute. In the context of WordPress plugins, this typically manifests as inadequate capability checks when processing user requests, failing to verify that a user possesses the required role or permission before allowing them to perform sensitive operations such as modifying bookings, accessing customer data, or escalating their account privileges. The plugin's privilege verification logic fails to properly enforce WordPress role-based access control (RBAC), enabling privilege escalation attacks.
RemediationAI
Immediately upgrade Salon Booking System Pro to version 10.30.12 or later, which contains the privilege assignment correction. Access the WordPress plugin repository or the vendor's official distribution channel to obtain the patched version. Site administrators should verify the plugin version in the WordPress admin dashboard under Installed Plugins and enable automatic security updates for this plugin if not already enabled. As an interim precaution before patching, restrict administrative access to the booking system by limiting user roles, implementing Web Application Firewall (WAF) rules to monitor for privilege escalation attempts, and reviewing access logs for unauthorized privilege changes. Additionally, audit all user accounts and reset credentials for users with administrative or elevated privileges to ensure no unauthorized access occurred during the window the vulnerability was present.
Same weakness CWE-266 – Incorrect Privilege Assignment
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15647
GHSA-3xj3-c6fm-38wm