Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Invite Anyone Project Subscribe
Filtered by product Invite Anyone
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18543 1 Invite Anyone Project 1 Invite Anyone 2023-12-10 7.5 HIGH 9.8 CRITICAL
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.
CVE-2017-18544 1 Invite Anyone Project 1 Invite Anyone 2023-12-10 6.8 MEDIUM 8.8 HIGH
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
CVE-2017-18545 1 Invite Anyone Project 1 Invite Anyone 2023-12-10 5.0 MEDIUM 7.5 HIGH
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.