The All in One Invite Codes plugin for WordPress can put people using it at risk. If they are using versions up to, and including, 1.0.14, attackers may be able to inject malicious web scripts into their WordPress website. These scripts may run in the victims browser, potentially allowing attackers to access their information or take control of their website.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
