CVE-2023-2579
CVE-2023-2579 concerns the InventoryPress WordPress plugin (≤1.7). The issue is due to insufficient sanitisation/escaping of plugin settings, enabling authenticated users with role Author or higher to perform Stored XSS. Public writeups and Red Hat/NVD entries confirm the vulnerability and its pe...