Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 31 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-67559 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Broken Access Control vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 5.4 2025-12-09 14:14:09 Deep Dive
CVE-2025-67472 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Cross Site Request Forgery (CSRF) vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 4.3 2025-12-09 14:13:57 Deep Dive
CVE-2025-54677 WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.5.3 - Arbitrary File Upload Vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Critical 9.1 2025-08-20 08:02:52 Deep Dive
CVE-2025-54676 WordPress Online Booking & Scheduling Calendar for by vcita Plugin plugin <= 4.5.3 - Cross Site Scripting (XSS) Vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2025-08-14 10:34:42 Deep Dive
CVE-2025-32238 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Sensitive Data Exposure vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 4.3 2025-04-04 15:59:22 Deep Dive
CVE-2025-23526 WordPress Swift Calendar Online Appointment Scheduling plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability SwiftCloudSwift Calendar Online Appointment Scheduling High 7.1 2025-03-03 13:30:10 Deep Dive
CVE-2024-54356 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 5.4 2024-12-16 14:14:13 Deep Dive
CVE-2024-11275 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion arrayticsTimetics – Appointment Booking & Scheduling Medium 4.3 2024-12-13 08:24:52 Deep Dive
CVE-2024-9872 Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 5.4 2024-12-06 08:24:55 Deep Dive
CVE-2024-9263 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.25 - Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover arrayticsTimetics – Appointment Booking & Scheduling Critical 9.8 2024-10-17 03:32:49 Deep Dive
CVE-2024-47638 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita High 7.1 2024-10-05 13:03:22 Deep Dive
CVE-2024-37262 WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability vCita.comOnline Booking & Scheduling Calendar for WordPress by vcita High 7.1 2024-07-22 09:02:50 Deep Dive
CVE-2024-38678 WordPress Calendar.online / Kalender.digital – Plugin plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability Calendar.onlineCalendar.online / Kalender.digital Medium 6.5 2024-07-20 07:49:28 Deep Dive
CVE-2024-6467 BookingPress Appointment Booking <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation reputeinfosystemsAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress High 8.8 2024-07-17 06:45:12 Deep Dive
CVE-2024-6660 BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload reputeinfosystemsAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress High 8.8 2024-07-17 06:45:10 Deep Dive
CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-07-09 11:55:34 Deep Dive
CVE-2024-5791 Appointment Booking and Online Scheduling <= 4.4.2 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita High 7.2 2024-06-22 02:01:07 Deep Dive
CVE-2024-35761 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-06-21 12:38:39 Deep Dive
CVE-2024-5859 Appointment Booking and Online Scheduling <= 4.4.2 - Reflected Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.1 2024-06-21 08:39:43 Deep Dive
CVE-2024-1094 Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling Plugin <= 1.0.21 - Missing Authorization to Limited Privilege Escalation arrayticsTimetics – Appointment Booking & Scheduling High 7.3 2024-06-14 04:36:55 Deep Dive