Vulnerabilities

CVE-2017-6955

by Fred · 17/03/2017

An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immutable, which facilitates a social engineering attack.

Date published : 2017-03-17

http://www.securityfocus.com/bid/96965

https://github.com/boonebgorges/invite-anyone/compare/2ed5266ad3ae40f8db39adf06f450bbad56e2eac…boonebgorges:6121de08df86c5005b657dd67e48aa02c7982855

Similar

Tags: Cybersecurity Alert