4 matches found
CVE-2016-11007
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpiuserid for invoice retrieval...
CVE-2016-11007
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpiuserid for invoice retrieval...
CVE-2016-11007
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpiuserid for invoice retrieval...
CVE-2016-11007
The CVE-2016-11007 entry concerns the WordPress plugin WP-Invoice. Affected component: WP-Invoice plugin for WordPress (version prior to 4.1.1). Root cause: incorrect access control over wpi_user_id used for invoice retrieval. Impact: potential information disclosure due to unauthorized access to...