Medium severity4.3NVD Advisory· Published Dec 9, 2025· Updated Apr 27, 2026
CVE-2025-67472
CVE-2025-67472
Description
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:vcita:online_booking_\&_scheduling_calendar:*:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:vcita:online_booking_\&_scheduling_calendar:*:*:*:*:*:wordpress:*:*range: <4.6.0
- (no CPE)range: <= 4.5.5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.