Vulnerability — CVE-2023-2579

CVE-2023-2579

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-2579
Description:: The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
Last updated date:: 07/26/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/26/2023
Reference url to background: https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-plugin

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/26/2023
Reference url to background: https://wpscan.com/vulnerability/3cfcb8cc-9c4f-409c-934f-9f3f043de6fe