WP-Invoice <= 4.1.0 - Multiple Vulnerabilities



Description
WP-Invoice plugin <= 4.1.0 contains multiple security vulnerabilities that include information disclosure, unauthorised updating of meta data, and privilege escalation.

Affects Plugin

fixed in version 4.1.1

References

CVE 2016-11011
CVE 2016-11010
CVE 2016-11009
CVE 2016-11008
CVE 2016-11007
CVE 2016-11006
URL http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities

Classification

Type MULTI

Miscellaneous

Submitter James Golovich
Submitter Website http://pritect.net
Submitter Twitter Pritect
Views 7408
Verified No
WPVDB ID 8378

Timeline

Publicly Published 2016-02-03 (almost 4 years ago)
Added 2016-02-04 (almost 4 years ago)
Last Updated 2019-10-31 (14 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin