CVE-2022-0920
published 2022-04-11
CVE-2022-0920: The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of their endpoints, which could allow customers to…
Priority: P3 · 42 · high · 7.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
EPSS: 1.43% (69.7th percentile)
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of their endpoints, which could allow customers to access all bookings and other customers' data.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| salonbookingsystem | salon_booking_system | < 7.6.3 | 7.6.3 |
CVSS provenance
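| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| cisa | | 6.4 | MEDIUM | |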
GHSA
GHSA-9m85-v4hv-p2xv: The Salon booking system Free and Pro WordPress plugins before 7
ghsa_unreviewed·2022-04-12
CVE-2022-0920 [HIGH] CWE-863 GHSA-9m85-v4hv-p2xv: The Salon booking system Free and Pro WordPress plugins before 7
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of their endpoints, which could allow customers to access all bookings and other customers' data.
CISA
Android Kernel Race Condition Vulnerability
cisa·2022-05-23·CVSS 6.4
CVE-2021-0920 [MEDIUM] CWE-362 Android Kernel Race Condition Vulnerability
Vulnerability: Android Kernel Race Condition Vulnerability
Affected: Android Kernel
Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-0920
Remediation Due Date: 2022-06-13
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.