Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Network-reachable WordPress plugin endpoint with no auth or interaction (AV:N/AC:L/PR:N/UI:N); IDOR yields per-record read/modify/cancel impact, so C/I/A are Low and scope unchanged.
Primary rating from Vendor (Patchstack).
CVSS Vector (Vendor: Patchstack)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
1. Description (CVE.org)
Unauthenticated Insecure Direct Object References (IDOR) in Salon Booking System versions <= 10.30.24.
Analysis (AI)
Unauthenticated Insecure Direct Object Reference in the Salon Booking System WordPress plugin (versions <= 10.30.24) allows remote attackers to access or manipulate booking objects belonging to other users by tampering with object identifiers in requests. The flaw was reported by Patchstack and affects the dimitri_grassi salon_booking_system plugin per the provided CPE, with no public exploit identified at time of analysis.
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | The target WordPress site must have the Salon Booking System plugin (by Dimitri Grassi) installed and active at version 10.30.24 or earlier, with the vulnerable booking-object endpoint reachable over the network; the CVSS vector AV:N/AC:L/PR:N/UI:N indicates that no authentication, no user interaction, and no special configuration beyond a default deployment is required. … |
| Risk Assessment | The signals are mixed-to-moderate: CVSS 3.1 base 7.3 (AV:N/AC:L/PR:N/UI:N) makes this trivially reachable over the network with no authentication or user interaction, but the impact metrics are Low across C/I/A, indicating bounded per-record exposure (individual customers' booking details) rather than site takeover. … |
| Exploit Scenario | An unauthenticated attacker enumerates sequential or guessable booking identifiers against a public Salon Booking System endpoint on a target WordPress site and submits requests that reference another customer's booking ID. Because authorization is not enforced against the supplied identifier, the attacker reads or modifies bookings belonging to other customers (e.g., viewing personal details, cancelling appointments, or altering reservation data). The advisory does not name the specific endpoint or parameter involved. … |
| Remediation | Patch available per vendor advisory: upgrade the Salon Booking System WordPress plugin to a release newer than 10.30.24 as published by the vendor and tracked in the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-30-24-insecure-direct-object-references-idor-vulnerability; an exact fixed version is not enumerated in the supplied data, so verify the current plugin release on the WordPress.org listing before deploying. Updating the plugin does not undo exposure of records already read or altered; see the recommended actions below. … |
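The following is an added illustration of the flaw class described in the scenario above; it is not the Salon Booking System plugin's code and the advisory does not name the real endpoint. It shows a hypothetical WordPress REST route in which the booking id from the URL drives the lookup with no ownership check (the IDOR pattern), followed by a permission callback that resolves authorization against the supplied id before either handler runs. The namespace `example-salon/v1`, the post type `example_booking` and the meta keys are assumptions.

```php
<?php
// Added illustrative example; not the Salon Booking System plugin's own code.
// Namespace, post type and meta keys below are assumptions, not the plugin's
// real identifiers.

// --- Vulnerable pattern -----------------------------------------------------
// Any caller, authenticated or not, reads or cancels any booking whose id they
// can guess: the id from the URL goes straight to the lookup and nothing ties
// the record to the requester.
add_action('rest_api_init', function () {
    register_rest_route('example-salon/v1', '/booking/(?P<id>\d+)', [
        [
            'methods'             => WP_REST_Server::READABLE,
            'callback'            => 'example_salon_get_booking',
            'permission_callback' => '__return_true', // no auth, no ownership check
        ],
        [
            'methods'             => WP_REST_Server::DELETABLE,
            'callback'            => 'example_salon_cancel_booking',
            'permission_callback' => '__return_true', // same defect on the write path
        ],
    ]);
});

function example_salon_get_booking(WP_REST_Request $request) {
    $booking = get_post((int) $request['id']);
    if (!$booking || $booking->post_type !== 'example_booking') {
        return new WP_Error('not_found', 'No such booking', ['status' => 404]);
    }
    return rest_ensure_response([
        'id'       => $booking->ID,
        'customer' => get_post_meta($booking->ID, '_example_customer_email', true),
        'starts'   => get_post_meta($booking->ID, '_example_start', true),
    ]);
}

function example_salon_cancel_booking(WP_REST_Request $request) {
    // wp_trash_post() on an attacker-chosen id: another customer's appointment disappears.
    $trashed = wp_trash_post((int) $request['id']);
    return $trashed
        ? rest_ensure_response(['cancelled' => true])
        : new WP_Error('not_found', 'No such booking', ['status' => 404]);
}

// --- Hardened pattern -------------------------------------------------------
// Authorization is resolved against the *supplied* id before either callback
// runs: the caller must be logged in and must own the record (or be an admin).
// "Does not exist" and "not yours" return the same 404 so ids cannot be
// enumerated through the error channel.
function example_salon_booking_permission(WP_REST_Request $request) {
    if (!is_user_logged_in()) {
        return new WP_Error('rest_forbidden', 'Authentication required', ['status' => 401]);
    }
    if (current_user_can('manage_options')) {
        return true;
    }
    $booking = get_post((int) $request['id']);
    if (!$booking
        || $booking->post_type !== 'example_booking'
        || (int) $booking->post_author !== get_current_user_id()) {
        return new WP_Error('rest_not_found', 'No such booking', ['status' => 404]);
    }
    return true;
}

add_action('rest_api_init', function () {
    register_rest_route('example-salon/v1', '/secure-booking/(?P<id>\d+)', [
        [
            'methods'             => WP_REST_Server::READABLE,
            'callback'            => 'example_salon_get_booking',
            'permission_callback' => 'example_salon_booking_permission',
        ],
        [
            'methods'             => WP_REST_Server::DELETABLE,
            'callback'            => 'example_salon_cancel_booking',
            'permission_callback' => 'example_salon_booking_permission',
        ],
    ]);
});

// Guest bookings made without a WordPress account cannot be tied to a user id.
// The usual fix there is a high-entropy per-booking token issued at creation
// (bin2hex(random_bytes(16))) and compared in constant time, so a sequential
// post id alone no longer addresses someone else's record.
function example_salon_guest_token_matches(int $booking_id, string $presented): bool {
    $stored = (string) get_post_meta($booking_id, '_example_access_token', true);
    return $stored !== '' && hash_equals($stored, $presented);
}
```

The point of the hardened version is where the check lives: `permission_callback` runs before the handler and is given the same request, so the ownership test is made against the exact id the client supplied rather than against a generic capability. Returning a `WP_Error` with a 404 for both missing and foreign records keeps the endpoint from acting as an oracle for which ids exist.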
Recommended Action (AI)
24 hours: Audit deployed plugin versions across all WordPress environments; check access logs for suspicious booking modifications; assess number of potentially exposed customer records. …
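For the access-log review in the 24-hour action, the following added example (not from the page or the vendor) scans combined-format web server logs for the trace an IDOR probe leaves: one client requesting many distinct booking ids, and any successful non-GET request against a booking id, which is what "cancel" or "modify" looks like from the server side. The URL shape `/wp-json/example-salon/v1/booking/<id>` and the sample lines are constructed; point the regex at the plugin's real endpoints (including any `admin-ajax.php` actions it uses) before running it against production logs.

```php
<?php
// Added triage example; not from the page or the vendor. Endpoint path is an
// assumption. Sample lines are constructed, not real traffic.

$sample = <<<'LOG'
203.0.113.7 - - [10/Mar/2026:09:14:01 +0000] "GET /wp-json/example-salon/v1/booking/1041 HTTP/1.1" 200 512 "-" "curl/8.5.0"
203.0.113.7 - - [10/Mar/2026:09:14:02 +0000] "GET /wp-json/example-salon/v1/booking/1042 HTTP/1.1" 200 498 "-" "curl/8.5.0"
203.0.113.7 - - [10/Mar/2026:09:14:02 +0000] "GET /wp-json/example-salon/v1/booking/1043 HTTP/1.1" 200 507 "-" "curl/8.5.0"
203.0.113.7 - - [10/Mar/2026:09:14:03 +0000] "GET /wp-json/example-salon/v1/booking/1044 HTTP/1.1" 200 511 "-" "curl/8.5.0"
203.0.113.7 - - [10/Mar/2026:09:14:03 +0000] "GET /wp-json/example-salon/v1/booking/1045 HTTP/1.1" 200 495 "-" "curl/8.5.0"
203.0.113.7 - - [10/Mar/2026:09:14:09 +0000] "DELETE /wp-json/example-salon/v1/booking/1043 HTTP/1.1" 200 21 "-" "curl/8.5.0"
198.51.100.20 - - [10/Mar/2026:09:20:44 +0000] "GET /wp-json/example-salon/v1/booking/1203 HTTP/1.1" 200 503 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2026:09:21:10 +0000] "GET /wp-content/themes/example/style.css HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
LOG;

/**
 * Group booking-endpoint hits by client IP and report clients that touched at
 * least $threshold distinct ids, or that made a successful write to any id.
 *
 * @return array<string, array{distinct_ids:int, first:string, last:string, writes:string[]}>
 */
function example_find_booking_probes(string $log, int $threshold = 5): array
{
    // Combined log format: ip ident user [time] "METHOD path proto" status ...
    $line_re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(GET|POST|PUT|PATCH|DELETE) (\S+)[^"]*" (\d{3}) /';
    $id_re   = '#/wp-json/example-salon/v1/booking/(\d+)#'; // assumed endpoint shape
    $per_ip  = [];

    foreach (preg_split('/\R/', trim($log)) as $line) {
        if (!preg_match($line_re, $line, $m) || !preg_match($id_re, $m[4], $id)) {
            continue; // not a booking-endpoint request
        }
        [, $ip, $ts, $method, , $status] = $m;
        $per_ip[$ip]['ids'][$id[1]] = true;   // set of distinct ids seen from this client
        $per_ip[$ip]['first'] ??= $ts;
        $per_ip[$ip]['last']    = $ts;
        // A 2xx on a non-GET against an arbitrary id is the "cancel/modify" footprint.
        if ($method !== 'GET' && $status[0] === '2') {
            $per_ip[$ip]['writes'][] = "$method {$id[1]} at $ts";
        }
    }

    $findings = [];
    foreach ($per_ip as $ip => $seen) {
        $distinct = count($seen['ids']);
        $writes   = $seen['writes'] ?? [];
        if ($distinct >= $threshold || $writes) {
            $findings[$ip] = [
                'distinct_ids' => $distinct,
                'first'        => $seen['first'],
                'last'         => $seen['last'],
                'writes'       => $writes,
            ];
        }
    }
    return $findings;
}

foreach (example_find_booking_probes($sample) as $ip => $f) {
    printf("%s: %d distinct booking ids between %s and %s\n",
        $ip, $f['distinct_ids'], $f['first'], $f['last']);
    foreach ($f['writes'] as $w) {
        printf("  successful write: %s\n", $w);
    }
}
```

On the constructed sample only 203.0.113.7 is reported (five consecutive ids in a few seconds, then a successful DELETE of one of them); the browser client that read a single booking is not. Distinct-id counts per client are a coarse signal, so the first/last timestamps are included to let the analyst judge the rate; legitimate staff accounts that manage many bookings will need an allow-list or a session-aware check.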
EUVD-2026-37604