Lucene search
K

15 matches found

CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

WordPress plugin Online Booking & Scheduling Calendar for WordPress by vcita 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. The WordPress plugin Onli...

8.8CVSS6.5AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

WordPress plugin Online Booking & Scheduling Calendar for WordPress by vcita 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS5.7AI score0.00203EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/11 10:20 p.m.3 views

WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.5...

5.4CVSS7AI score0.00219EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/05 1:3 p.m.23 views

CVE-2024-47638 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.6...

7.1CVSS7.1AI score0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/05 1:3 p.m.32 views

CVE-2024-47638 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: fro...

7.1CVSS0.00302EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 9:15 a.m.27 views

CVE-2024-37262

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

7.1CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 9:2 a.m.33 views

CVE-2024-37262 WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

7.1CVSS0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/09 11:55 a.m.9 views

CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2...

6.5CVSS6.9AI score0.00623EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 11:55 a.m.15 views

CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2...

6.5CVSS0.00623EPSS
Exploits0References1
CVE
CVE
added 2024/06/21 12:38 p.m.55 views

CVE-2024-35761

CVE-2024-35761 affects the WordPress plugin “Online Booking & Scheduling Calendar for WordPress by vcita” and its vulnerable range extends to version 4.4.0. The issue is described as Stored Cross‑Site Scripting caused by improper neutralization of input during web page generation. Remediation: up...

6.5CVSS6.3AI score0.00295EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/02/10 9:15 a.m.6 views

CVE-2024-23517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Start Booking Scheduling Plugin – Online Booking for WordPress allows Stored XSS.This issue affects Scheduling Plugin – Online Booking for WordPress: from n/a through 3.5.10...

5.4CVSS7.3AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2023/10/16 8:15 p.m.2 views

CVE-2023-4691

The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.3AI score0.00717EPSS
Exploits2References1
NVD
NVD
added 2023/06/03 5:15 a.m.18 views

CVE-2023-2415

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitalogoutcallback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attacker...

5.4CVSS5.1AI score0.00698EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/06/03 12:0 a.m.6 views

WordPress Plugin Online Booking & Scheduling Calendar 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.5CVSS6.9AI score0.00394EPSS
Exploits2References4
Cvelist
Cvelist
added 2020/08/26 12:54 p.m.23 views

CVE-2020-24313

Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "AppointmentID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially...

6.1AI score0.01151EPSS
Exploits2References2
Rows per page
Query Builder