Salon Booking System – Free Version

Vulnerabilities 33Slug salon-booking-systemLatest version 10.30.27WordPress.org →

Minimum safe version

10.30.26

Update to 10.30.26 or later to address 32 fixable vulnerabilities

Latest available10.30.27 ✓⚠ 1 vulnerability has no fix

High 7.5

2026-05-02< 10.30.26

CVE-2026-6320

CVE EUVD Wordfence

N/A

2026-04-21< 10.30.25

Salon Booking System – Free Version <= 10.30.24 - Unauthenticated Insecure Direct Object Reference

Wordfence CVE

Medium 5.3

2025-09-11< 10.24

Salon Booking System <= 10.22 - Missing Authorization to Unauthenticated AJAX Actions Execution

EUVD Wordfence CVE

Medium 6.5

2026-01-22< 10.30.4

CVE-2025-67954

CVE EUVD Wordfence

Medium 4.3

2025-12-09< 10.30.4

CVE-2025-66531

CVE Wordfence

Medium 5.4

2025-05-19< 10.17

CVE-2025-47583

CVE EUVD Wordfence

High 8.8 Unfixed

2025-04-04≤ 10.30.26

WordPress Salon booking system plugin <= 10.30.23 - Broken Access Control vulnerability

CVE Wordfence EUVD

High 7.2

2025-04-01< 10.15

CVE-2025-31560

CVE Patchstack Wordfence EUVD

Medium 4.8

2025-05-15< 10.9.4

Salon Booking System <= 10.9.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 6.3

2024-10-16< 7.6.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 4.3

2024-10-05< 10.9.1

CVE-2024-47316

CVE Patchstack Wordfence

Medium 6.1

2024-08-19< 10.9

CVE-2024-43280

CVE Patchstack Wordfence

High 7.2

2024-08-29< 10.8

CVE-2024-39658

CVE Patchstack Wordfence

Critical 9.1

2024-06-24< 10.0

CVE-2024-37231

CVE Patchstack

Critical 9.8

2024-06-19< 10.3

CVE-2024-3229

CVE Wordfence Patchstack

Medium 5.4

2024-06-08< 10.0

CVE-2024-4468

CVE Wordfence Patchstack

Critical 9.1

2024-05-21< 9.9

CVE-2024-4442

CVE Wordfence

Medium 6.3

2024-04-26< 9.6.6

CVE-2024-2603

CVE Patchstack Wordfence

Medium 4.8

2024-04-26< 9.6.6

CVE-2024-2439

CVE Patchstack Wordfence

Medium 4.3

2024-04-26< 9.6.6

CVE-2024-2429

CVE Patchstack Wordfence

Medium 4.7

2024-04-17< 9.6.3

CVE-2024-2102

CVE Wordfence WPScan

Medium 5.7

2024-04-17< 9.6.3

CVE-2024-2101

CVE Patchstack Wordfence WPScan

Critical 9.8

2024-03-29< 9.5.1

CVE-2024-30510

CVE Wordfence Patchstack WPScan

Medium 6.8

2024-05-17< 8.7

CVE-2023-48319

CVE Patchstack Wordfence WPScan

N/A

2023-07-19< 8.4.9

WordPress Salon booking system Plugin <= 8.4.7 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 4.3

2023-06-28< 8.4.8

CVE-2023-3427

CVE Wordfence Patchstack WPScan

N/A

2022-03-04< 7.6.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

Medium 6.1

2022-12-05< 7.9.4

CVE-2022-43487

CVE Wordfence WPScan

N/A

2022-11-08< 7.9

WordPress Plugin "Salon booking system" vulnerable to cross-site scripting

JVN

N/A

2022-02-28< 7.6.3

WordPress Salon booking system plugin <= 7.6.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

High 7.5

2022-04-11< 7.6.3

CVE-2022-0920

CVE Wordfence Patchstack Patchstack WPScan

Medium 5.3

2022-04-11< 7.6.3

CVE-2022-0919

CVE Wordfence WPScan

Medium 6.1

2021-07-12< 6.3.1

CVE-2021-24429

CVE Patchstack Wordfence WPScan