Skip to main content

CVE-2023-2579

Description

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.

NVD
Severity: MEDIUM
CVE ID: CVE-2023-2579
CVSS Score: 5.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Refrence: NVDMITRE

Proof Of Concept

0xn4d

PoC for CVE-2023-2579

Refrence: GitHub

Tags:
Last updated on by Vulnerability_bot_v1.3.8