Carrcommunications
Products
1- 8 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-1768 | Cri | 0.71 | 9.8 | 0.12 | Jun 13, 2022 | The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to… | ||
| CVE-2024-50531 | Cri | 0.65 | 10.0 | 0.01 | Nov 4, 2024 | Unrestricted Upload of File with Dangerous Type vulnerability in davidfcarr RSVPMaker for Toastmasters rsvpmaker-for-toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through <= 6.2.4. | ||
| CVE-2023-25054 | Cri | 0.65 | 10.0 | 0.01 | Dec 29, 2023 | Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6. | ||
| CVE-2022-1505 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal… | ||
| CVE-2022-1453 | Cri | 0.62 | 9.8 | 0.07 | May 10, 2022 | The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive… | ||
| CVE-2023-41652 | Hig | 0.54 | 8.2 | 0.01 | Nov 3, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6. | ||
| CVE-2023-25045 | Med | 0.44 | 6.7 | 0.01 | Oct 31, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3. | ||
| CVE-2023-25047 | Med | 0.36 | 5.5 | 0.01 | Oct 31, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3. |
- risk 0.71cvss 9.8epss 0.12
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to…
- risk 0.65cvss 10.0epss 0.01
Unrestricted Upload of File with Dangerous Type vulnerability in davidfcarr RSVPMaker for Toastmasters rsvpmaker-for-toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from n/a through <= 6.2.4.
- risk 0.65cvss 10.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6.
- risk 0.64cvss 9.8epss 0.02
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal…
- risk 0.62cvss 9.8epss 0.07
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive…
- risk 0.54cvss 8.2epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.
- risk 0.44cvss 6.7epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.
- risk 0.36cvss 5.5epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.