VYPR

Invite Anyone

by WordPress

CVEs (4)

  • CVE-2017-18543CriAug 16, 2019
    risk 0.64cvss 9.8epss 0.02

    The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.

  • CVE-2017-18544HigAug 16, 2019
    risk 0.57cvss 8.8epss 0.01

    The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.

  • CVE-2017-18545HigAug 16, 2019
    risk 0.49cvss 7.5epss 0.01

    The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.

  • CVE-2024-43327HigAug 18, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7.