Wordpresschef Salon Booking System – Free Version
7 CVEs affecting Wordpresschef Salon Booking System – Free Version. Latest disclosed: 2026-05-02. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3229 | Critical | 9.8 | 2024-06-19 | The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistan… |
CVE-2024-4442 | Critical | 9.1 | 2024-05-21 | The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not… |
CVE-2026-6320 | High | 7.5 | 2026-05-02 | The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25. This is due to th… |
CVE-2022-4974 | Medium | 6.3 | 2024-10-16 | The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to… |
CVE-2023-3427 | Medium | 5.4 | 2023-06-28 | The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or in… |
CVE-2025-8492 | Medium | 5.3 | 2025-09-11 | The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses plugin for WordPress is vulnerable to unauthorized modification of data du… |
CVE-2024-4468 | Medium | 4.3 | 2024-06-08 | The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functi… |