What is CVE-2026-39536?

CVE-2026-39536 is a medium-severity vulnerability in Wp Chill Rsvp And Event Management, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. CVSS score: 5.3/10. Published 2026-04-08.

How severe is CVE-2026-39536?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Wp Chill Rsvp And Event Management

CVE-2026-39536

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2…

EPSS: 0.000 (12.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Wp Chill Rsvp And Event Management — versions 0

Weakness classification (CWE)

CWE-497 — Exposure of Sensitive System Information to an Unauthorized Control Sphere

References

patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rsvp-and-… (vdb-entry)

Frequently asked questions

What is CVE-2026-39536?: CVE-2026-39536 is a medium-severity vulnerability in Wp Chill Rsvp And Event Management, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. CVSS score: 5.3/10. Published 2026-04-08.
How severe is CVE-2026-39536?: Medium severity. CVSS v3 base score is 5.3 out of 10.