Aggregates CVE and security vulnerability intelligence across all invite_anyone_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and vendor risk input validation and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-18545 | The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | [email protected] | 7.5 | 0.24% | 2019-08-16 | 2024-11-21 |
| CVE-2017-18544 | The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | [email protected] | 8.8 | 0.09% | 2019-08-16 | 2024-11-21 |
| CVE-2017-18543 | The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. | [email protected] | 9.8 | 0.59% | 2019-08-16 | 2024-11-21 |