Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2024-12711
- EPSS 0.11%
- Veröffentlicht 07.01.2025 12:15:24
- Zuletzt bearbeitet 07.01.2025 12:15:24
The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13....
5.3
CVE-2022-1054
- EPSS 6.1%
- Veröffentlicht 18.04.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:39:56
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retr...
1