cleantalk
Vulnerabilities and Security Researches

Salon booking system, CVE-2024-2429

CVE, Research URL

CVE-2024-2429

Home page URL

Security reports for Salon booking system

Application

Salon booking system

Published on
Apr 26, 2024
Research Description
The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Affected versions
max 9.6.6.
Status
vulnerable
Previous vulnerability researches
Salon booking system (CVE-2025-66531) , Dec 11, 2025
Salon booking system (CVE-2025-31560) , Apr 04, 2025
Salon booking system (CVE-2024-37231) , Jun 25, 2024
Salon booking system (CVE-2022-4974) , Nov 15, 2024
Salon booking system (CVE-2025-67954) , Jan 27, 2026
New vulnerability
Coil Web Monetization (CVE-2025-9625) , Apr 24, 2026
Quran Live Multilanguage (CVE-2026-4074) , Apr 24, 2026
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2025-58269) , Apr 24, 2026
AnyClip Luminous Studio (CVE-2025-58271) , Apr 24, 2026
Getwid – Gutenberg Blocks (CVE-2025-58252) , Apr 24, 2026