EUVD-2025-2900

Malicious code in bioql PyPI...

CVE-2025-22661

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vcita Online Payments – Get Paid with PayPal, Square & Stripe paypal-payment-button-by-vcita allows Stored XSS.This issue affects Online Payments – Get Paid with PayPal, Square & Stripe: from n/a...

CVE-2025-22661

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vcita Online Payments – Get Paid with PayPal, Square & Stripe paypal-payment-button-by-vcita allows Stored XSS.This issue affects Online Payments – Get Paid with PayPal, Square & Stripe: from n/a...

CVE-2025-22661 WordPress Online Payments plugin <= 3.20.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vcita.com Online Payments – Get Paid with PayPal, Square & Stripe allows Stored XSS. This issue affects Online Payments – Get Paid with PayPal, Square & Stripe: from n/a through 3.20.0...

CVE-2025-22661

CVE-2025-22661 corresponds to an stored cross-site scripting (XSS) flaw in the WordPress plugin “Online Payments – Get Paid with PayPal, Square & Stripe” by vcita. The vulnerability is described as Stored XSS arising during web page generation, affecting versions from n/a up to and including 3.20...

CVE-2024-37262

CVE-2024-37262 is a Reflected XSS affecting the WordPress plugin “Online Booking & Scheduling Calendar for WordPress by vcita” (vcita). Public sources indicate the vulnerability exists in versions up to 4.4.2 (n/a indicates no fixed/explicit start version in the initial report). The issue is a re...

CVE-2023-39992 WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin = 4.3.2 versions...

CVE-2023-39992

CVE-2023-39992 is an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin, affected versions 4.3.2 (i.e., 4.3.3 or later) and apply any vendor-supplied mitigations. Exploit status in the provided do...

vcita.com XSS vulnerability

Open Bug Bounty ID: OBB-677075 Description| Value ---|--- Affected Website:| vcita.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...