CVE-2026-39536
- EPSS 0.02%
- Veröffentlicht 08.04.2026 08:30:16
- Zuletzt bearbeitet 13.04.2026 16:16:30
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.
CVE-2024-12711
- EPSS 0.34%
- Veröffentlicht 07.01.2025 12:15:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13....
CVE-2022-1054
- EPSS 11.55%
- Veröffentlicht 18.04.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:39:56
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retr...