๐Ÿ” CVE Alert

CVE-2026-11887

UNKNOWN 0.0

Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a Salon Booking System WordPress plugin before 10.30.20 setting and bypass the manual approval of new bookings.

Vendor unknown
Product salon booking system
Published Jul 1, 2026
Stay Ahead of the Next One

Get instant alerts for unknown salon booking system

Be the first to know when new unknown vulnerabilities affecting unknown salon booking system are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Unknown / Salon Booking System
0 < 10.30.20

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
wpscan.com: https://wpscan.com/vulnerability/ed203765-0482-4d55-b36f-cdab11ed3cf0/

Credits

kevin(@OPCIA) WPScan