WordPress RSVP and Event Management plugin <= 2.7.7 - Unauthenticated Entries Export vulnerability

2022-03-2800:00:00

Daniel Ruf

patchstack.com

0.003 Low

EPSS

Percentile

69.3%

Unauthenticated Entries Export vulnerability discovered by Daniel Ruf in WordPress RSVP and Event Management plugin (versions <= 2.7.7).

Solution

           Update the WordPress RSVP and Event Management plugin to the latest available version (at least 2.7.8).

CPENameOperatorVersion
rsvp and event management pluginle2.7.7

CPE	Name	Operator	Version
	rsvp and event management plugin	le	2.7.7

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1054

wordpress.org/plugins/rsvp/#developers

wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d

0.003 Low

EPSS

Percentile

69.3%

Related for PATCHSTACK:2495C22E9937733366FA0AFB72F59457