27 matches found
CVE-2017-18545
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input...
EUVD-2017-9661
Malware in sbrugna...
EUVD-2024-40219
Malicious code in bioql PyPI...
CVE-2017-18543
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
CVE-2024-43327 refers to an issue in the WordPress plugin Invite Anyone where input is improperly neutralized during web page generation, enabling a reflected XSS. Affected: Invite Anyone (WordPress plugin) and versions up to 1.4.7. The vulnerability could allow an attacker to inject and execute ...
CVE-2024-43327 WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327 WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
WordPress plugin Invite Anyone 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Invite Anyone versions = 1.4.7...
WordPress Invite Anyone Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)
Software Invite Anyone Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43327 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e990de812727 Credits Dimas Maulana Required privilege...
WordPress invite-anyone plugin input validation error vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. invite-anyone is an invitation notification plugin used in it. An input validation error vulnerability exists in the WordPress...
WordPress invite-anyone plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. invite-anyone is an invitation notification plugin used in it. A cross-site request forgery vulnerability exists in the WordPress...
CVE-2017-18544
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF...
CVE-2017-18543
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations...
CVE-2017-18545
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input...
CVE-2017-18543
The CVE-2017-18543 entry concerns the WordPress plugin Invite Anyone, specifically versions before 1.3.16, which has incorrect access control for email-based invitations. The vulnerability is supported by multiple connected sources that describe the plugin’s access-control flaw, its impact, and t...
CVE-2017-18544
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF...