CVE-2025-67472
- EPSS 0.03%
- Veröffentlicht 09.12.2025 14:13:56
- Zuletzt bearbeitet 20.01.2026 15:19:15
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Online Booking & Scheduling Calendar for WordPress by...
CVE-2024-9872
- EPSS 0.15%
- Veröffentlicht 06.12.2024 09:15:09
- Zuletzt bearbeitet 20.02.2026 20:40:34
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_save_user_data_callback() function in all versions up to, and inclu...
CVE-2024-37499
- EPSS 0.69%
- Veröffentlicht 09.07.2024 12:15:14
- Zuletzt bearbeitet 09.06.2025 20:32:40
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPr...
CVE-2024-35761
- EPSS 0.29%
- Veröffentlicht 21.06.2024 13:15:10
- Zuletzt bearbeitet 20.02.2026 20:41:09
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Stored XSS.This issue affects Online Booking & Scheduling Calendar f...