CVE-2026-11887
Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a Salon Booking System WordPress plugin before 10.30.20 setting and bypass the manual approval of new bookings.
| Vendor | unknown |
| Product | salon booking system |
| Published | Jul 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for unknown salon booking system
Be the first to know when new unknown vulnerabilities affecting unknown salon booking system are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Unknown / Salon Booking System
0 < 10.30.20
References
Credits
kevin(@OPCIA) WPScan