cleantalk
Vulnerabilities and Security Researches

Salon booking system, CVE-2024-2429

CVE, Research URL

CVE-2024-2429

Home page URL

Security reports for Salon booking system

Application

Salon booking system

Published on
Apr 26, 2024
Research Description
The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Affected versions
Min -, max 9.6.6.
Status
vulnerable
Previous vulnerability researches
Salon booking system (CVE-2025-31560) , Apr 04, 2025
Salon booking system (CVE-2024-37231) , Jun 25, 2024
Salon booking system (CVE-2022-4974) , Nov 15, 2024
Salon booking system (CVE-2024-9882) , Nov 17, 2024
Salon booking system (CVE-2024-4468) , Jun 10, 2024
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025