Invite Anyone Project: >> Invite Anyone >> 0.3.4 Security Vulnerabilities
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-08-16
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-16
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-08-16