Severity by source
Primary rating from vendor (Patchstack): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (base score 7.5)
Rationale: the plugin endpoint is network-reachable, requires no authentication or user interaction, and the missing authorization check yields data disclosure only, with no integrity or availability impact.
Description (source: CVE.org)
Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.
Analysis (AI-generated)
Unauthenticated information disclosure in the Salon Booking System WordPress plugin (versions up to and including 10.30.25) allows remote attackers to bypass authorization checks and access sensitive data without credentials. The flaw, tracked by Patchstack and tagged as an authentication bypass, is network-reachable with low complexity and no user interaction. …
Attack Chain (AI-derived): hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI-generated)
| Aspect | Assessment |
|---|---|
| Exploitation | No special conditions: remote unauthenticated exploitation against default configurations of the Salon Booking System WordPress plugin at version 10.30.25 or earlier, reachable over standard HTTP/HTTPS, with no user interaction and no authentication required (CVSS AV:N/AC:L/PR:N/UI:N). … |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) describes a remote, unauthenticated, low-complexity flaw with high confidentiality impact but no integrity or availability impact, yielding a base score of 7.5, consistent with sensitive data exposure rather than full site takeover. … |
| Exploit Scenario | An attacker scans the internet for WordPress sites running Salon Booking System 10.30.25 or earlier, then issues crafted unauthenticated HTTP requests directly to the plugin's vulnerable endpoint to retrieve sensitive booking, customer, or configuration data. Because no authentication, user interaction, or unusual configuration is required, the requests can be automated at scale by commodity scanners, and harvested customer PII could feed downstream phishing or fraud campaigns. |
| Remediation | Patch status is not explicitly stated in the provided data; consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-30-25-broken-access-control-vulnerability for the fixed version and upgrade to a release after 10.30.25 via the WordPress plugin dashboard. … |
Recommended Action (AI-generated)
Within 24 hours: Identify all WordPress instances running Salon Booking System plugin and document current versions; enable detailed access logging on affected systems. …
Related identifiers: EUVD-2026-36831, GHSA-rpf2-jr33-p9h9