Update the WordPress RSVPMaker plugin to the latest available version (at least 9.3.3).
Muhammad Zeeshan (Xib3rR4dAr) discovered and reported this SQL Injection vulnerability in WordPress RSVPMarker Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 9.3.3.
Unauthenticated SQL Injection (SQLi) vulnerability
27.04.2022
Unauthenticated SQL Injection (SQLi) vulnerability
26.04.2022
Authenticated ServerSide Request Forgery (SSRF) vulnerability
29.06.2021
Unauthenticated SQL Injection (SQLi) vulnerability
22.08.2020
SQL Injection (SQLi) vulnerability
28.04.2019