{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T23:58:52.263","vulnerabilities":[{"cve":{"id":"CVE-2025-32220","sourceIdentifier":"audit@patchstack.com","published":"2025-04-04T16:15:31.357","lastModified":"2026-04-28T19:31:32.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon booking system: from n/a through <= 10.30.23."},{"lang":"es","value":"La vulnerabilidad de falta de autorización en Dimitri Grassi Salon booking system permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al sistema de reservas del Salón: desde n/d hasta la versión 10.10.7."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"10.11","matchCriteriaId":"4C8B7783-1971-4B58-B005-53348E5F38D1"}]}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/salon-booking-system/vulnerability/wordpress-salon-booking-system-plugin-10-10-7-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]}]}}]}