Roundupwp Registrations For The Events Calendar — known CVE vulnerabilities
Every CVE whose affected-product data names Roundupwp Registrations For The Events Calendar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-24943 — CVSS 9.8 (critical): The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape the event_id in the…
CVE-2024-7982 — CVSS 9.6 (critical): The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event…
CVE-2024-39638 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the…
CVE-2021-24876 — CVSS 6.1 (medium): The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an…
CVE-2021-25083 — CVSS 6.1 (medium): The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in…
CVE-2024-10703 — CVSS 6.1 (medium): The Registrations for the Events Calendar WordPress plugin before 2.13.4 does not sanitise and escape some of its settings, which could…