WordPress plugin Online Booking & Scheduling Calendar for WordPress by vcita 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. The WordPress plugin Onli...

WordPress plugin Online Booking & Scheduling Calendar for WordPress by vcita 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.5...

CVE-2024-47638 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: fro...

CVE-2024-47638 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.6...

CVE-2024-37262

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

CVE-2024-37262 WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2...

CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2...

CVE-2024-35761

CVE-2024-35761 affects the WordPress plugin “Online Booking & Scheduling Calendar for WordPress by vcita” and its vulnerable range extends to version 4.4.0. The issue is described as Stored Cross‑Site Scripting caused by improper neutralization of input during web page generation. Remediation: up...

CVE-2024-23517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Start Booking Scheduling Plugin – Online Booking for WordPress allows Stored XSS.This issue affects Scheduling Plugin – Online Booking for WordPress: from n/a through 3.5.10...

CVE-2023-4691

The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-2415

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitalogoutcallback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attacker...

WordPress Plugin Online Booking & Scheduling Calendar 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2020-24313

Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "AppointmentID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially...