Rsvp
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-24683 | Hig | 0.49 | 7.6 | 0.01 | Jan 24, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14. | ||
| CVE-2026-39536 | Med | 0.34 | 5.3 | 0.00 | Apr 8, 2026 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16. | ||
| CVE-2024-12711 | Med | 0.34 | 5.3 | 0.00 | Jan 7, 2025 | The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13. This makes it possible for… | ||
| CVE-2017-18563 | 0.00 | — | 0.01 | Aug 21, 2019 | The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen. |
- risk 0.49cvss 7.6epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14.
- risk 0.34cvss 5.3epss 0.00
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.
- risk 0.34cvss 5.3epss 0.00
The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13. This makes it possible for…
- CVE-2017-18563Aug 21, 2019risk 0.00cvss —epss 0.01
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.