WP Chill RSVP and Event Management Leaks Sensitive Information

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

WP Chill RSVP and Event Management Leaks Sensitive Information

CVE-2026-39536

Summary

A flaw in WP Chill RSVP and Event Management allows unauthorized access to sensitive data, such as registration information and event details, which could be used for malicious purposes. This issue affects all versions of RSVP and Event Management up to 2.7.16, so it's essential to update the software to a fixed version to prevent data exposure. Promptly update to a version greater than 2.7.16 to ensure the security of your event registration and management system.

Original title

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP a...

Original description

Vulnerability type

CWE-497

https://patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rs...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026