Sensitive Data Exposure in vcita Online Booking & Scheduling Calendar Plugin for WordPress
CVE-2025-32238
4.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 4 April 2025
What is CVE-2025-32238?
A vulnerability exists in the vcita Online Booking & Scheduling Calendar for WordPress that allows attackers to generate error messages revealing sensitive embedded data. This could lead to unauthorized access to confidential information, impacting user privacy and security. The issue affects the plugin versions from n/a up to 4.5.2, emphasizing the need for users to ensure they are running a secured version to protect their data.
Affected Version(s)
Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5.2