Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:invite_anyone_project:invite_anyone:1.0.26:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-18545 |
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. Published: August 16, 2019; 5:15:10 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-18544 |
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. Published: August 16, 2019; 5:15:10 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-18543 |
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. Published: August 16, 2019; 5:15:10 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |