CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2415

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_logout_callback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to logout a vctia connected account which would cause a denial of service on the appointment scheduler.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.8%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-2415

Vcita » Online Booking & Scheduling Calendar » Version: N/A

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:-
Vcita » Online Booking & Scheduling Calendar » Version: 3.16

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:3.16
Vcita » Online Booking & Scheduling Calendar » Version: 3.16.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:3.16.1
Vcita » Online Booking & Scheduling Calendar » Version: 4.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1
Vcita » Online Booking & Scheduling Calendar » Version: 4.1.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1.1
Vcita » Online Booking & Scheduling Calendar » Version: 4.1.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1.2
Vcita » Online Booking & Scheduling Calendar » Version: 4.1.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1.3
Vcita » Online Booking & Scheduling Calendar » Version: 4.1.4

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1.4
Vcita » Online Booking & Scheduling Calendar » Version: 4.1.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.1.5
Vcita » Online Booking & Scheduling Calendar » Version: 4.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.1
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.10

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.10
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.2
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.3
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.4

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.4
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.5
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.6

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.6
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.7

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.7
Vcita » Online Booking & Scheduling Calendar » Version: 4.2.9

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar:4.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2415

Products

Pricing

Contact Us