cleantalk
Vulnerabilities and Security Researches

Online Booking & Scheduling Calendar for WordPress by vcita, CVE-2023-39992

CVE, Research URL

CVE-2023-39992

Home page URL

Security reports for Online Booking & Scheduling Calendar for WordPress by vcita

Application

Online Booking & Scheduling Calendar for WordPress by vcita

Published on
Sep 04, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions.
Affected versions
Min -, max 4.3.3.
Status
vulnerable
Previous vulnerability researches
Contact Form Builder by vcita (CVE-2024-10056) , Dec 06, 2024
Contact Form Builder by vcita (CVE-2025-32199) , Apr 11, 2025
Contact Form Builder by vcita (CVE-2023-2301) , Jun 07, 2024
Contact Form Builder by vcita (CVE-2023-2300) , Jun 07, 2024
Contact Form Builder by vcita (CVE-2023-2303) , Jun 07, 2024
New vulnerability
Cost Calculator Builder (CVE-2025-39587) , Apr 19, 2025
Klarna Checkout for WooCommerce (CVE-2024-13925) , Apr 19, 2025
WordPress Button Plugin MaxButtons (CVE-2025-39444) , Apr 19, 2025
Course Booking System (CVE-2025-32508) , Apr 19, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-39588) , Apr 19, 2025