5 matches found
CVE-2024-13434
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-13434
creationtimestamp| type| source ---|---|--- 2025-01-17 04:34:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113841828810932968 2025-01-17 04:56:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2095 2025-01-17 05:15:31+00:00| seen|...
CVE-2024-13434
CVE-2024-13434 concerns the WP Inventory Manager WordPress plugin. It allows a Reflected Cross-Site Scripting (XSS) via the user-supplied parameter “message” in all versions up to 2.3.2, caused by insufficient input sanitization and inadequate output escaping. The vulnerability enables unauthenti...
CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...