A vulnerability was found in Dimitri Grassi Salon Booking System Plugin up to 10.30.24 on WordPress and classified as critical . This issue affects some unknown processing. Executing a manipulation can lead to authorization bypass. The identification of this vulnerability is CVE-2026-40768 . The attack may be launched remotely. There is no exploit available.