CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9872

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_save_user_data_callback() function in all versions up to, and including, 4.5.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject malicious web scripts and update settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2024-9872

Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: N/A

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:-
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 3.16

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:3.16
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 3.16.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:3.16.1
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1.1
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1.2
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1.3
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1.4

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1.4
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.1.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.1.5
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.1
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.10

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.10
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.2
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.3
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.4

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.4
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.5
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.6

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.6
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.7

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.7
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.2.9

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.2.9
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.3.0

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.3.0
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.3.1

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.3.1
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.3.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.3.2
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.3.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.3.3
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.3.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.3.5
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.4.0

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.4.0
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.4.2

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.4.2
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.4.3

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.4.3
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.4.4

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.4.4
Vcita » Online Booking & Scheduling Calendar For Wordpress By Vcita » Version: 4.4.5

cpe:2.3:a:vcita:online_booking_&_scheduling_calendar_for_wordpress_by_vcita:4.4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9872

Products

Pricing

Contact Us