VYPR
Vendor

Carrcommunications

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2022-1768CriJun 13, 2022
    risk 0.71cvss 9.8epss 0.12

    The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to…

  • CVE-2024-50531CriNov 4, 2024
    risk 0.65cvss 10.0epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in davidfcarr RSVPMaker for Toastmasters rsvpmaker-for-toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through <= 6.2.4.

  • CVE-2023-25054CriDec 29, 2023
    risk 0.65cvss 10.0epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6.

  • CVE-2022-1505CriMay 10, 2022
    risk 0.64cvss 9.8epss 0.02

    The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal…

  • CVE-2022-1453CriMay 10, 2022
    risk 0.62cvss 9.8epss 0.07

    The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive…

  • CVE-2023-41652HigNov 3, 2023
    risk 0.54cvss 8.2epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.

  • CVE-2023-25045MedOct 31, 2023
    risk 0.44cvss 6.7epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.

  • CVE-2023-25047MedOct 31, 2023
    risk 0.36cvss 5.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.