The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/invite-anyone/#developers | Issue Tracking Third Party Advisory |
https://wordpress.org/plugins/invite-anyone/#developers | Issue Tracking Third Party Advisory |
Configurations
History
21 Nov 2024, 03:20
Type | Values Removed | Values Added |
---|---|---|
References | () https://wordpress.org/plugins/invite-anyone/#developers - Issue Tracking, Third Party Advisory |
Information
Published : 2019-08-16 21:15
Updated : 2024-11-21 03:20
NVD link : CVE-2017-18545
Mitre link : CVE-2017-18545
CVE.ORG link : CVE-2017-18545
JSON object : View
Products Affected
invite_anyone_project
- invite_anyone
CWE
CWE-20
Improper Input Validation