cleantalk
Vulnerabilities and Security Researches

RSVP ME, CVE-2025-23480

CVE, Research URL

CVE-2025-23480

Home page URL

Security reports for RSVP ME

Application

RSVP ME

Published on
Mar 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RSVP ME allows Stored XSS. This issue affects RSVP ME: from n/a through 1.9.9.
Affected versions
max 1.9.9.
Status
vulnerable
Previous vulnerability researches
Eventbee RSVP Widget (CVE-2025-31838) , Apr 04, 2025
RSVPMaker for Toastmasters (CVE-2024-50531) , Nov 02, 2024
RSVPMaker Volunteer Roles (CVE-2025-23531) , Jan 29, 2025
RSVP ME (CVE-2025-23480) , Mar 05, 2025
RSVP ME (CVE-2024-50544) , Nov 04, 2024
New vulnerability
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-7493) , May 27, 2026
RSVP and Event Management Plugin (CVE-2026-27398) , May 27, 2026
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More (CVE-2026-27346) , May 27, 2026
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2026-24546) , May 27, 2026
WP Activity Log (CVE-2026-45435) , May 26, 2026