The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/invite-anyone/#developers | Issue Tracking Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-08-16 21:15
Updated : 2024-02-04 20:20
NVD link : CVE-2017-18545
Mitre link : CVE-2017-18545
CVE.ORG link : CVE-2017-18545
JSON object : View
Products Affected
invite_anyone_project
- invite_anyone
CWE
CWE-20
Improper Input Validation