Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 06 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-732 |
Mon, 06 Jul 2026 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Sun, 05 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Sat, 04 Jul 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Sat, 04 Jul 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Fri, 03 Jul 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Fri, 03 Jul 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Thu, 02 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Thu, 02 Jul 2026 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Thu, 02 Jul 2026 06:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 01 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 01 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Wed, 01 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Salonbookingsystem
Salonbookingsystem salon Booking System Wordpress Wordpress wordpress |
|
| Vendors & Products |
Salonbookingsystem
Salonbookingsystem salon Booking System Wordpress Wordpress wordpress |
Wed, 01 Jul 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 01 Jul 2026 09:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-285 |
Wed, 01 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a Salon Booking System WordPress plugin before 10.30.20 setting and bypass the manual approval of new bookings. | |
| Title | Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass | |
| References |
|
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2026-07-01T10:16:01.889Z
Reserved: 2026-06-10T14:21:57.118Z
Link: CVE-2026-11887
Updated: 2026-07-01T10:15:58.025Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T20:45:03Z