Lucene search

K
CarrcommunicationsRsvpmaker*

9 matches found

CVE
CVE
added 2022/05/10 8:15 p.m.2376 views

CVE-2022-1505

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information...

9.8CVSS7.5AI score0.0343EPSS
CVE
CVE
added 2022/05/10 8:15 p.m.139 views

CVE-2022-1453

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the...

9.8CVSS7.4AI score0.06415EPSS
CVE
CVE
added 2019/08/27 12:15 p.m.45 views

CVE-2018-21004

The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection.

9.8CVSS9.9AI score0.00652EPSS
CVE
CVE
added 2021/08/02 11:15 a.m.40 views

CVE-2021-24371

The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it's a remote one. As a result, a high privilege user could use that feature to scan the internal netwo...

4CVSS3.5AI score0.00224EPSS
Web
CVE
CVE
added 2024/11/04 2:15 p.m.39 views

CVE-2024-50531

Unrestricted Upload of File with Dangerous Type vulnerability in David F. Carr RSVPMaker for Toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through 6.2.4.

10CVSS9.5AI score0.00459EPSS
CVE
CVE
added 2019/08/27 12:15 p.m.38 views

CVE-2019-15646

The rsvpmaker plugin before 6.2 for WordPress has SQL injection.

9.8CVSS9.9AI score0.00652EPSS
CVE
CVE
added 2023/09/27 3:18 p.m.31 views

CVE-2023-27617

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin

5.9CVSS5AI score0.00116EPSS
CVE
CVE
added 2023/09/27 3:18 p.m.26 views

CVE-2023-27616

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin

7.1CVSS5.8AI score0.00167EPSS
CVE
CVE
added 2023/07/10 4:15 p.m.24 views

CVE-2023-29095

Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin

7.6CVSS7.8AI score0.00164EPSS