Online Booking & Scheduling Calendar Security Vulnerabilities and Issues — Online Booking & Scheduling Calendar CVE List

Lucene search

VcitaOnline Booking & Scheduling Calendar

4 matches found

CVE•added 2024/06/22 2:15 a.m.•61 views

CVE-2024-5791

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp_id' parameter in all versions up to, and including, 4.4.2 due to missing authorization checks on processAction function, as well as insufficient input saniti...

7.2CVSS6.1AI score0.00609EPSS

CVE•added 2024/07/09 12:15 p.m.•46 views

CVE-2024-37499

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2.

6.5CVSS6.8AI score0.00445EPSS

CVE•added 2024/06/21 9:15 a.m.•40 views

CVE-2024-5859

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘d’ parameter in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1CVSS6.3AI score0.00609EPSS

CVE•added 2024/07/22 9:15 a.m.•37 views

CVE-2024-37262

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4....

7.1CVSS7.1AI score0.00127EPSS