5 matches found
RSVPMaker <= 9.2.5 - SQL Injection
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from t...
CVE-2022-1453
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from t...
Sql injection
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the /rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive...
CVE-2022-1453
The RSVPMaker WordPress plugin is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization in user-supplied data passed to a SQL query in rsvpmaker-util.php. This affects versions up to and including 9.2.5. Multiple connected sources confirm the flaw and its im...
CVE-2022-1453 RSVPMaker <= 9.2.5 - Unauthenticated SQL Injection
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from t...