Refine your search
3 vulnerabilities found for RSVPMarker by davidfcarr
CVE-2025-48278 (GCVE-0-2025-48278)
Vulnerability from cvelistv5
Published
2025-05-19 14:45
Modified
2026-04-01 15:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.This issue affects RSVPMarker : from n/a through <= 11.5.6.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| davidfcarr | RSVPMarker |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-19T15:07:20.163508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-19T15:16:36.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rsvpmaker",
"product": "RSVPMarker",
"vendor": "davidfcarr",
"versions": [
{
"changes": [
{
"at": "11.5.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "11.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Martino Spagnuolo (r3verii) | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:40:49.894Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.\u003cp\u003eThis issue affects RSVPMarker : from n/a through \u003c= 11.5.6.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.This issue affects RSVPMarker : from n/a through \u003c= 11.5.6."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:54:31.070Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/rsvpmaker/vulnerability/wordpress-rsvpmarker-11-5-6-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "WordPress RSVPMarker plugin \u003c= 11.5.6 - SQL Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-48278",
"datePublished": "2025-05-19T14:45:26.912Z",
"dateReserved": "2025-05-19T14:13:24.502Z",
"dateUpdated": "2026-04-01T15:54:31.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31552 (GCVE-0-2025-31552)
Vulnerability from cvelistv5
Published
2025-04-01 20:58
Modified
2026-04-01 15:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.This issue affects RSVPMarker : from n/a through <= 11.6.7.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| davidfcarr | RSVPMarker |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T13:22:09.680763Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T13:22:17.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rsvpmaker",
"product": "RSVPMarker",
"vendor": "davidfcarr",
"versions": [
{
"changes": [
{
"at": "11.6.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "11.6.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aiden | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:37:17.034Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.\u003cp\u003eThis issue affects RSVPMarker : from n/a through \u003c= 11.6.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection.This issue affects RSVPMarker : from n/a through \u003c= 11.6.7."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:49:02.624Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/rsvpmaker/vulnerability/wordpress-rsvpmarker-plugin-11-4-8-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "WordPress RSVPMarker plugin \u003c= 11.6.7 - SQL Injection vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-31552",
"datePublished": "2025-04-01T20:58:12.477Z",
"dateReserved": "2025-03-31T10:05:28.896Z",
"dateUpdated": "2026-04-01T15:49:02.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24600 (GCVE-0-2025-24600)
Vulnerability from cvelistv5
Published
2025-01-27 14:22
Modified
2026-04-01 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Missing Authorization vulnerability in davidfcarr RSVPMarker rsvpmaker.This issue affects RSVPMarker : from n/a through <= 11.4.5.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| davidfcarr | RSVPMarker |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T15:01:41.251467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:11.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rsvpmaker",
"product": "RSVPMarker",
"vendor": "davidfcarr",
"versions": [
{
"changes": [
{
"at": "11.4.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "11.4.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mika | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:34:01.444Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in davidfcarr RSVPMarker rsvpmaker.\u003cp\u003eThis issue affects RSVPMarker : from n/a through \u003c= 11.4.5.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in davidfcarr RSVPMarker rsvpmaker.This issue affects RSVPMarker : from n/a through \u003c= 11.4.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:44:13.346Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/rsvpmaker/vulnerability/wordpress-rsvpmaker-plugin-11-4-5-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "WordPress RSVPMaker plugin \u003c= 11.4.5 - Broken Access Control vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-24600",
"datePublished": "2025-01-27T14:22:15.699Z",
"dateReserved": "2025-01-23T14:50:57.839Z",
"dateUpdated": "2026-04-01T15:44:13.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}