cleantalk
Vulnerabilities and Security Researches

Online Booking & Scheduling Calendar for WordPress by vcita, CVE-2025-54677

CVE, Research URL

CVE-2025-54677

Home page URL

Security reports for Online Booking & Scheduling Calendar for WordPress by vcita

Application

Online Booking & Scheduling Calendar for WordPress by vcita

Published on
Aug 20, 2025
Research Description
Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Using Malicious Files. This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.5.3.
Affected versions
Min -, max 4.5.5.
Status
vulnerable
Previous vulnerability researches
Easy Digital Downloads Google Sheet Connector (15a5f778b24e34c8a9f5f1c30ea580c8a86c0dc5) , Jun 06, 2024
New vulnerability
WP Activity Log , Aug 21, 2025
Online Booking & Scheduling Calendar for WordPress by vcita (CVE-2025-54677) , Aug 21, 2025
Superb Addons – WordPress Editor Blocks & Patterns and Elementor Sections & Elements , Aug 21, 2025
PHP Compatibility Checker , Aug 21, 2025
Infility Global (CVE-2025-47650) , Aug 21, 2025