Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9
CVE-2025-47638
- EPSS 0.17%
- Veröffentlicht 07.05.2025 14:20:41
- Zuletzt bearbeitet 08.05.2025 14:39:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sarvesh M Rao WP Discord Invite allows Stored XSS. This issue affects WP Discord Invite: from n/a through 2.5.3.
6.5
CVE-2023-5006
- EPSS 0.11%
- Veröffentlicht 17.01.2024 15:15:10
- Zuletzt bearbeitet 11.06.2025 17:15:37
The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request.
4.8
CVE-2023-5181
- EPSS 0.08%
- Veröffentlicht 06.11.2023 21:15:09
- Zuletzt bearbeitet 26.02.2025 22:15:13
The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is dis...
1