📦 Online Booking \& Scheduling Calendar

This vulnerability allows attackers to upload malicious files to WordPress sites using the vcita Online Booking & Scheduling Calendar plugin. Attackers can upload dangerous file types like PHP scripts...

This CSRF vulnerability in vcita's WordPress booking plugin allows attackers to trick authenticated administrators into performing unintended actions, such as changing plugin settings or potentially c...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the vCita Online Booking & Scheduling Calendar WordPress plugin. When users visit a specially crafted URL, t...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the vCita Online Booking & Scheduling Calendar WordPress plugin. When users visit a specially crafted URL, t...

This vulnerability allows unauthenticated attackers to inject malicious scripts via the 'wp_id' parameter in the vcita WordPress plugin. The scripts execute when users access the WordPress admin dashb...

This stored XSS vulnerability in the vcita WordPress plugin allows unauthenticated attackers to inject malicious JavaScript via the 'business_id' parameter. The injected scripts execute whenever users...

This CVE describes a Missing Authorization vulnerability in the vcita Online Booking & Scheduling Calendar WordPress plugin that allows attackers to exploit incorrectly configured access control secur...

This stored cross-site scripting (XSS) vulnerability in the vcita Online Booking & Scheduling Calendar WordPress plugin allows attackers to inject malicious scripts into web pages that are then execut...

This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to inject malicious scripts and modify plugin settings without proper authorization. It affects all WordP...

This path traversal vulnerability in the vCita Online Booking & Scheduling Calendar WordPress plugin allows attackers to access files outside the intended directory. It affects WordPress sites using t...

This stored XSS vulnerability in the vCita Online Booking & Scheduling Calendar WordPress plugin allows attackers to inject malicious scripts into web pages. When users view affected pages, the script...