Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.12 views

CVE-2023-2579

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.0112EPSS
Exploits3References1
NVD
NVD
added 2023/07/17 2:15 p.m.28 views

CVE-2023-2579

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS0.0112EPSS
Exploits3References2
CVE
CVE
added 2023/07/17 1:29 p.m.59 views

CVE-2023-2579

CVE-2023-2579 concerns the InventoryPress WordPress plugin (≤1.7). The issue is due to insufficient sanitisation/escaping of plugin settings, enabling authenticated users with role Author or higher to perform Stored XSS. Public writeups and Red Hat/NVD entries confirm the vulnerability and its pe...

5.4CVSS5.4AI score0.0112EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2023/07/17 1:29 p.m.31 views

CVE-2023-2579 InventoryPress <= 1.7 - Author+ Stored XSS

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

5.4AI score0.0112EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2023/07/17 1:29 p.m.18 views

CVE-2023-2579 InventoryPress <= 1.7 - Author+ Stored XSS

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.0112EPSS
Exploits3References2
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.16 views

WordPress InventoryPress Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software InventoryPress Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2579 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 980d01840734 Credits daniloalbuqrque Require...

5.4CVSS5.6AI score0.0112EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder