A vulnerability labeled as problematic has been found in wordpresschef Salon Booking System Plugin up to 10.30.32. This vulnerability affects the function setCustomText of the file translate-constants.php of the component Admin Interface. Executing a manipulation of the argument Value can lead to cross-site request forgery.

This vulnerability is registered as CVE-2026-15070. It is possible to launch the attack remotely. No exploit is available.