Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2025-24606

Disclosure Date: January 27, 2025 (last updated January 28, 2025)
Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.1.
0
Attacker Value
Unknown

CVE-2024-53819

Disclosure Date: December 09, 2024 (last updated December 21, 2024)
Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.0.
0
Attacker Value
Unknown

CVE-2021-24787

Disclosure Date: November 17, 2021 (last updated February 23, 2025)
The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed