Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:0 p.m.7 views

CVE-2022-1505

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive informati...

9.8CVSS6.8AI score0.01818EPSS
Exploits0References1
Prion
Prion
added 2022/06/13 2:15 p.m.21 views

Sql injection

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the /rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive...

5CVSS7.5AI score0.12003EPSS
Exploits3References5Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/10 7:35 p.m.7 views

CVE-2022-1505 RSVPMaker <= 9.2.6 - Unauthenticated SQL Injection

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive informati...

9.8CVSS7.1AI score0.01818EPSS
Exploits0References3
CVE
CVE
added 2022/05/10 7:35 p.m.2392 views

CVE-2022-1505

The RSVPMaker WordPress plugin has an unauthenticated SQL Injection in rsvpmaker-api-endpoints.php (and related ~rsvpmaker-email.php) due to insufficient escaping/parameterization. Affects versions up to 9.2.6 per CVE-2022-1505; impact is disclosure of database data. Connected sources reiterate t...

9.8CVSS7.5AI score0.01818EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder