CVE-2024-9872 | vcita Online Booking & Scheduling Calendar Plugin up to 4.5.1 on WordPress Setting vcita_save_user_data_callback cross site scripting

Posted by Angelo Barbosa | Dec 6, 2024 | CVE

A vulnerability classified as problematic was found in vcita Online Booking & Scheduling Calendar Plugin up to 4.5.1 on WordPress. This vulnerability affects the function vcita_save_user_data_callback of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-9872. The attack can be initiated remotely. There is no exploit available.

CVE-2024-9872 | vcita Online Booking & Scheduling Calendar Plugin up to 4.5.1 on WordPress Setting vcita_save_user_data_callback cross site scripting

Related Posts

CVE-2020-36828 | DiscuzX up to 3.4-20200818 install_function.php show_next_step uchidden cross site scripting

CVE-2024-33610 | Sharp/Toshiba Tec MFP sessionlist.html authentication bypass

CVE-2024-11374 | TWChat Plugin up to 4.0.4 on WordPress cross site scripting

CVE-2024-22429 | Dell CPG BIOS prior 2.36.0 input validation (dsa-2024-020)