The Salon Booking System plugin for WordPress, which helps salons, spas, and small businesses schedule appointments, has a security flaw. This means that anyone, including those who are not authenticated, can trick a site administrator into deleting content by getting them to click on a link. This vulnerability affects all versions up to 10.16.