CVE Record: CVE-2025-24683

Required CVE Record Information

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPChill RSVP and Event Management Plugin allows SQL Injection. This issue affects RSVP and Event Management Plugin: from n/a through 2.7.14.

CWE 1 Total

Learn more

CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
7.6	HIGH	3.1	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Credits

AHMAD SOPYAN (Patchstack Alliance) finder

References 1 Total

https://patchstack.com/database/wordpress/plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-14-sql-injection-vulnerability?_s_id=cve
external site
vdb-entry

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Patchstack OÜ

Description

CWE 1 Total

CVSS 1 Total

Product Status

Credits

References 1 Total

Authorized Data Publishers

CISA-ADP