All in One Invite Codes

Vulnerabilities 7Slug all-in-one-invite-codesLatest version 1.2.0WordPress.org →

Minimum safe version

1.1.11

Update to 1.1.11 or later to address 7 fixable vulnerabilities

Latest available1.2.0
Medium 6.3
2024-10-16< 1.0.13

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE
N/A
2023-07-18< 1.1.11

WordPress All in One Invite Codes Plugin < 1.1.11 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVE
N/A
2022-03-04< 1.0.13

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence
N/A
2022-05-17< 1.0.15

All in One Invite Codes <= 1.0.14 - Cross-Site Scripting

Wordfence
N/A
2022-07-21< 1.1.0

All in One Invite Codes <= 1.0.15 - Authenticated (Admin+) Stored Cross-Site Scripting

Wordfence
N/A
2022-02-28< 1.0.13

WordPress All in One Invite Codes plugin <= 1.0.12 - Sensitive Information Disclosure vulnerability

Patchstack
N/A
2022-02-28< 1.0.13

WordPress All in One Invite Codes plugin <= 1.0.12 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack