CVE-2026-27398

Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...

CVE-2026-27398

The CVE-2026-27398 entry describes a Missing Authorization vulnerability in the WordPress RSVP and Event Management plugin, affecting versions up to 2.7.16. The issue is classified as a Broken Access Control vulnerability with insecure access configuration allowing exploitation without user inter...

WordPress plugin RSVP and Event Management 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

CVE-2026-39536

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...

WordPress plugin RSVP and Event Management 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress MDJM Event Management plugin <= 1.7.8.1 - Missing Authorization to Unauthenticated Arbitrary Custom Event Field Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Custom Event Field Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Mobile DJ Manager versions = 1.7.8.1...

CVE-2026-1650 MDJM Event Management <= 1.7.8.1 - Missing Authorization to Unauthenticated Arbitrary Custom Event Field Deletion

The MDJM Event Management plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'customfieldscontroller' function in all versions up to, and including, 1.7.8.1. This makes it possible for unauthenticated attackers to delete arbitrary custom...

WordPress plugin MDJM Event Management 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

EUVD-2025-28588

Malicious code in bioql PyPI...

WordPress plugin Eventin 安全漏洞

WordPress Eventin plugin is an event management plugin designed for WordPress that supports event creation, registration, ticketing and calendar synchronization for offline, online and mixed event management. An elevation of privilege vulnerability exists in WordPress Eventin plugin, which stems...

WordPress WP Event Manager Improper Filename Control Vulnerability

WordPress WP Event Manager is an event management plugin designed specifically for WordPress that allows users to create, manage and promote various types of events including conferences, seminars, exhibitions, parties and more. A filename miscontrol vulnerability exists in WordPress WP Event...

CVE-2025-24683

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through = 2.7.14...

CVE-2025-24683

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through = 2.7.14...

CVE-2025-24683 WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through = 2.7.14...

CVE-2025-22714

CVE-2025-22714 is a WordPress MDJM Event Management vulnerability: Reflected XSS in MDJM Event Management versions up to 1.7.5.5. Public docs list the affected product/version and state the issue is a Cross-Site Scripting in input handling during web page generation. The PT Security entry for thi...

WordPress plugin RSVP and Event Management Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. The WordPress RSVP and Event Management plugin is vulnerable to an access control error that results from...