373 matches found
WordPress RSVP and Event Management <2.7.8 - Missing Authorization
WordPress RSVP and Event Management plugin before 2.7.8 is susceptible to missing authorization. The plugin does not have any authorization checks when exporting its entries, and the export function is hooked to the init action. An attacker can potentially retrieve sensitive information such as...
CVE-2017-20268
Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...
CVE-2017-20268 Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection
Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...
EUVD-2017-18995
Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...
CVE-2017-20268
The CVE covers Joomla! component Zap Calendar Lite 4.3.4, where an SQL injection via the eid parameter allows unauthenticated attackers to execute arbitrary SQL queries. Attack vectors include sending crafted GET requests to the RSVP endpoint to extract sensitive information, such as database nam...
CVE-2017-20268
Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...
PT-2026-50949
Name of the Vulnerable Software and Affected Versions Zap Calendar Lite version 4.3.4 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eid parameter. Attackers can send GET requests to the RSVP plugin endpoint t...
EUVD-2026-37841
The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the getevents. This makes it possible for unauthenticated attackers to extract sensitive data including...
CVE-2026-27398
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...
CVE-2026-27398
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...
CVE-2026-27398 WordPress RSVP and Event Management plugin <= 2.7.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...
EUVD-2026-31756
Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16...
PT-2026-43141
Name of the Vulnerable Software and Affected Versions WP Chill RSVP and Event Management versions prior to 2.7.17 Description A missing authorization issue exists due to incorrectly configured access control security levels, which allows for broken access control. Recommendations Update to a...
WordPress plugin RSVP and Event Management 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
CVE-2026-39536
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
EUVD-2026-20191
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
CVE-2026-39536
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
CVE-2026-39536 WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
CVE-2026-39536 WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...
CVE-2026-39536
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through = 2.7.16...