Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18545 | 1 Invite Anyone Project | 1 Invite Anyone | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | |||||
CVE-2017-18544 | 1 Invite Anyone Project | 1 Invite Anyone | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | |||||
CVE-2017-18543 | 1 Invite Anyone Project | 1 Invite Anyone | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. |