← voltar
CVE-2023-2579

InventoryPress <= 1.7 - Author+ Stored XSS

EPSS 1.1%
The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
Produtos afetados
Unknown · InventoryPress

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-pluginhttps://wpscan.com/vulnerability/3cfcb8cc-9c4f-409c-934f-9f3f043de6fe