3 matches found
CVE-2023-2123 WP Inventory Manager < 2.1.0.13 - Reflected Cross-Site Scripting
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2023-2123
CVE-2023-2123 affects the WordPress plugin WP Inventory Manager prior to version 2.1.0.13. The issue is an insufficient sanitization/escaping of a parameter before it is echoed on the page, causing a Reflected Cross-Site Scripting (XSS) . Impact is limited to unauthenticated users triggering XSS ...
WordPress WP Inventory Manager Plugin < 2.1.0.13 is vulnerable to Cross Site Scripting (XSS)
Software WP Inventory Manager Type Plugin Vulnerable versions 2.1.0.13 Fixed in 2.1.0.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2123 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4a822a5456e3 Credits daniloalbuqrq...