cleantalk
Vulnerabilities and Security Researches

Invite Anyone, ae275717e9ce52f64daecbc97587cc20a1342d6b

CVE, Research URL

ae275717e9ce52f64daecbc97587cc20a1342d6b

Home page URL

Security reports for Invite Anyone

Application

Invite Anyone

Published on
Mar 22, 2017
Research Description
Invite Anyone [invite-anyone] < 1.3.16 WordPress Invite Anyone plugin <=1.3.15 - Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability WordPress Invite Anyone plugin Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) vulnerabilities were found in 1.3.15 version. The settings are passed without any sanitization to function register_setting(). Update the plugin.
Affected versions
max 1.3.16.
Status
vulnerable
Previous vulnerability researches
Print My Blog &#8211; Print, PDF, &amp; eBook Converter WordPress Plugin (CVE-2024-37271) , Jul 01, 2024
Print My Blog &#8211; Print, PDF, &amp; eBook Converter WordPress Plugin (CVE-2023-33999) , Jun 14, 2026
Print My Blog &#8211; Print, PDF, &amp; eBook Converter WordPress Plugin (CVE-2022-4974) , Nov 15, 2024
Print My Blog &#8211; Print, PDF, &amp; eBook Converter WordPress Plugin (CVE-2024-37105) , Jun 24, 2024
Print My Blog &#8211; Print, PDF, &amp; eBook Converter WordPress Plugin (CVE-2025-54740) , Aug 17, 2025
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026