Carrcommunications Rsvpmaker — known CVE vulnerabilities
Every CVE whose affected-product data names Carrcommunications Rsvpmaker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2024-50531 — CVSS 10.0 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in davidfcarr RSVPMaker for Toastmasters rsvpmaker-for-toastmasters allows…
CVE-2023-25054 — CVSS 10.0 (critical): Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a…
CVE-2022-1453 — CVSS 9.8 (critical): The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user…
CVE-2022-1505 — CVSS 9.8 (critical): The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user…
CVE-2022-1768 — CVSS 9.8 (critical): The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user…
CVE-2023-41652 — CVSS 8.2 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker…
CVE-2023-29095 — CVSS 7.6 (high): Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5 versions.
CVE-2023-27616 — CVSS 7.1 (high): Unauth. Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin <= 10.6.6 versions.
CVE-2023-25045 — CVSS 6.7 (medium): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL…
CVE-2023-27617 — CVSS 5.9 (medium): Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David F. Carr RSVPMaker plugin <= 10.6.6 versions.
CVE-2023-25047 — CVSS 5.5 (medium): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker…
CVE-2021-24371 — CVSS 2.7 (low): The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and…