← Back

Rsvp And Event Management

rsvp_and_event_management

Vendor: Wpchill • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-1054
1Wpchill
1Rsvp And Event Management
Nov 21, 2024
Apr 18, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated at...Show more
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for eventsShow less