The RSVPMaker plugin for WordPress is vulnerable to a type of attack called SQL Injection in versions up to, and including, 7.8.1. This type of attack allows unauthenticated attackers to access sensitive information from the database. This happens because the plugin does not escape the user supplied parameter and does not properly prepare the existing SQL query.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
