Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Invitebox Subscribe
Filtered by product Invitebox
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38359 1 Invitebox 1 Invitebox 2021-09-21 4.3 MEDIUM 6.1 MEDIUM
The WordPress InviteBox Plugin for viral Refer-a-Friend Promotions WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the message parameter found in the ~/admin/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4.1.