cleantalk
Vulnerabilities and Security Researches

Invite Anyone, CVE-2017-6955

CVE, Research URL

CVE-2017-6955

Home page URL

Security reports for Invite Anyone

Application

Invite Anyone

Published on
Mar 17, 2017
Research Description
An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immutable, which facilitates a social engineering attack.
Affected versions
max 1.3.15.
Status
vulnerable
Previous vulnerability researches
Invite Anyone (ae275717e9ce52f64daecbc97587cc20a1342d6b) , Jun 16, 2026
Invite Anyone (9b02fd39fcfc3310ff8ba309239700f32b4b5cd5) , Jun 16, 2026
Invite Anyone (8b07ede0-3713-473a-a275-8c10829eab9b) , Jun 16, 2026
Invite Anyone (04b851cdaf9d8dbd4053b20060fb2a47e432d547) , Jun 16, 2026
Invite Anyone (CVE-2017-6955) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar – Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026