CVE-2023-2579 in InventoryPress Plugininfo

Summary

by MITRE • 07/17/2023

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

05/08/2023

Disclosure

07/17/2023

Moderation

accepted

Entry

VDB-232329

CPE

ready

CWE

CWE-79 (confirmed)

CVSS

3.5 (VulDB)

EPSS

0.01120

KEV

Activities

very low

Sector

Hostingprovider

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-2579
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-2579
CVE Details	https://www.cvedetails.com/cve/CVE-2023-2579/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!