usabilitydynamics 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk csrf and vendor risk cross-site scripting and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-1617 | The WP-Invoice WordPress plugin through 4.3.1 does not have CSRF check in place when updating its settings, and is lacking sanitisation as well as escaping in some of them, allowing attacker to make a logged in admin change them and add XSS payload in them | [email protected] | 6.1 | 0.27% | 2024-01-16 | 2026-06-17 |
| CVE-2022-1202 | The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability. | [email protected] | 7.8 | 0.97% | 2022-06-13 | 2026-06-17 |
| CVE-2016-11011 | The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation. | [email protected] | 6.5 | 1.37% | 2019-09-20 | 2026-06-16 |
| CVE-2016-11010 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates. | [email protected] | 5.3 | 1.77% | 2019-09-20 | 2026-06-16 |
| CVE-2016-11009 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates. | [email protected] | 5.3 | 1.77% | 2019-09-20 | 2026-06-16 |
| CVE-2016-11008 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates. | [email protected] | 5.3 | 1.77% | 2019-09-20 | 2026-06-16 |
| CVE-2016-11007 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval. | [email protected] | 5.3 | 1.97% | 2019-09-20 | 2026-06-16 |
| CVE-2016-11006 | The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes. | [email protected] | 5.3 | 1.77% | 2019-09-20 | 2026-06-16 |