← Back

Sarveshmrao

sarveshmrao

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Wp Discord Invite
wp_discord_invite
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-5006
1Sarveshmrao
1Wp Discord Invite
Jun 17, 2026
Jan 17, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator...Show more
The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request.Show less
CVE-2023-5181
1Sarveshmrao
1Wp Discord Invite
Jun 17, 2026
Nov 6, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unf...Show more
The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)Show less