Vcita Online Booking & Scheduling Calendar — known CVE vulnerabilities
Every CVE whose affected-product data names Vcita Online Booking & Scheduling Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2025-54677 — CVSS 9.1 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita…
CVE-2023-2298 — CVSS 7.2 (high): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2024-5791 — CVSS 7.2 (high): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2024-47638 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita Online Booking & Scheduling…
CVE-2023-39992 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin…
CVE-2024-37262 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita.Com Online Booking &…
CVE-2024-35761 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking &…
CVE-2025-54676 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita Online Booking & Scheduling…
CVE-2024-37499 — CVSS 6.5 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vCita Online Booking & Scheduling Calendar…
CVE-2024-5859 — CVSS 6.1 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via…
CVE-2023-2416 — CVSS 5.4 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a…
CVE-2024-54356 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vc…
CVE-2023-2415 — CVSS 5.4 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due…
CVE-2024-9872 — CVSS 5.4 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due…
CVE-2023-2414 — CVSS 5.4 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due…
CVE-2025-67559 — CVSS 5.4 (medium): Missing Authorization vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows…
CVE-2023-2299 — CVSS 5.3 (medium): The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized medication of data via…
CVE-2025-67472 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vc…
CVE-2025-32238 — CVSS 4.3 (medium): Generation of Error Message Containing Sensitive Information vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by…