CVE-2023-2579 - CERT CVE
ID CVE-2023-2579
Sažetak The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.
Reference
CVSS
Base: 5.4
Impact: 2.7
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Zadnje važnije ažuriranje 07-11-2023 - 04:12
Objavljeno 17-07-2023 - 14:15