WordPress plugin RSVP and Event Management 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

EUVD-2026-20191

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...

CVE-2026-39536

The CVE-2026-39536 entry concerns the WordPress plugin WP Chill RSVP and Event Management (rsvp) versions

EUVD-2017-9679

Malware in sbrugna...

EUVD-2025-28588

Malicious code in bioql PyPI...

EUVD-2024-51066

Malicious code in bioql PyPI...

EUVD-2022-24400

Malicious code in bioql PyPI...

CVE-2025-5540

The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emdmbmeta' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2025-5540

The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emdmbmeta' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2025-5540

CVE-2025-5540 : The WordPress plugin “Event RSVP and Simple Event Management Plugin” is vulnerable to stored XSS via the emd_mb_meta shortcode in all versions up to 4.1.0 due to insufficient input sanitization and output escaping. The vulnerability affects authenticated users with contributor+ pr...

CVE-2025-5540 Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emdmbmeta' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2024-12711

The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulkdeleteattendees and bulkdeletequestions in all versions up to, and including, 2.7.13. This makes it possible for unauthenticated attackers t...

CVE-2025-24683

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through = 2.7.14...

CVE-2025-24683

CVE-2025-24683 concerns the WordPress plugin WPChill RSVP and Event Management . Public records state an SQL injection vulnerability due to improper neutralization of special elements in SQL commands, affecting the plugin versions “n/a through 2.7.14.” The root cause is a failure to properly sani...

WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability

SQL Injection vulnerability discovered by AHMAD SOPYAN in WordPress Plugin RSVP and Event Management versions = 2.7.14...

WordPress plugin RSVP and Event Management 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS

The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress RSVP and Event Management plugin访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. The WordPress RSVP and Event Management plugin is vulnerable to an access control error that results from...

CVE-2022-1054

The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and emai...

WordPress RSVP and Event Management plugin <= 2.7.4 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered in WordPress RSVP and Event Management plugin versions = 2.7.4. The vulnerability has some limitations in the case of high privilege users. Solution Update the WordPress RSVP and Event Management plugin to the latest availab...