GCVE - cpe:2.3:a:wp_chill:rsvp_and_event_management:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wp_chill:rsvp_and_event_management:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Wp Chill (`c87967c6-0b6d-5dd5-8fe3-9dfb084bfc47`)
Product	Rsvp And Event Management (`ffd9f655-8165-5990-b185-15f1a0af73af`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-39536`	vulnerable	2026-06-03 15:22:12.683138	WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability MEDIUM (5.3) Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16. Published: 2026-04-08T08:30:16.908Z Updated: 2026-04-29T09:52:02.098Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-16-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-27398`	vulnerable	2026-06-03 15:18:06.445967	WordPress RSVP and Event Management plugin <= 2.7.16 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from n/a through 2.7.16. Published: 2026-05-25T21:56:44.615Z Updated: 2026-05-26T15:19:25.282Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-16-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-24683`	vulnerable	2026-06-03 14:59:56.618143	WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14. Published: 2025-01-24T17:24:57.418Z Updated: 2026-04-28T16:11:31.938Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-14-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.