Vulnerabilities > Carrcommunications > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-31 | CVE-2023-25045 | SQL Injection vulnerability in Carrcommunications Rsvpmaker Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. | 7.2 |
2023-10-31 | CVE-2023-25047 | SQL Injection vulnerability in Carrcommunications Rsvpmaker Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. | 7.2 |
2023-07-10 | CVE-2023-29095 | SQL Injection vulnerability in Carrcommunications Rsvpmaker Auth. | 7.2 |
2022-06-13 | CVE-2022-1768 | Unspecified vulnerability in Carrcommunications Rsvpmaker The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. | 7.5 |
2022-05-10 | CVE-2022-1453 | SQL Injection vulnerability in Carrcommunications Rsvpmaker 7.3.9/7.5.3 The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. | 7.5 |
2022-05-10 | CVE-2022-1505 | SQL Injection vulnerability in Carrcommunications Rsvpmaker The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. | 7.5 |