27 matches found
CVE-2017-18545
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input...
EUVD-2017-9661
Malware in sbrugna...
EUVD-2024-40219
Malicious code in bioql PyPI...
CVE-2017-18543
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327 WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327 WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...
CVE-2024-43327
CVE-2024-43327 refers to an issue in the WordPress plugin Invite Anyone where input is improperly neutralized during web page generation, enabling a reflected XSS. Affected: Invite Anyone (WordPress plugin) and versions up to 1.4.7. The vulnerability could allow an attacker to inject and execute ...
WordPress plugin Invite Anyone 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Invite Anyone plugin <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Invite Anyone versions = 1.4.7...
WordPress Invite Anyone Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)
Software Invite Anyone Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43327 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e990de812727 Credits Dimas Maulana Required privilege...
WordPress invite-anyone plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. invite-anyone is an invitation notification plugin used in it. A cross-site request forgery vulnerability exists in the WordPress...
WordPress invite-anyone plugin input validation error vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. invite-anyone is an invitation notification plugin used in it. An input validation error vulnerability exists in the WordPress...
CVE-2017-18543
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations...
CVE-2017-18545
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input...
CVE-2017-18544
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF...
CVE-2017-18543
The CVE-2017-18543 entry concerns the WordPress plugin Invite Anyone, specifically versions before 1.3.16, which has incorrect access control for email-based invitations. The vulnerability is supported by multiple connected sources that describe the plugin’s access-control flaw, its impact, and t...
CVE-2017-18544
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF...