Wpinventory - Wp Inventory Manager CVE

Filtered by vendor Wpinventory Subscribe

Filtered by product Wp Inventory Manager

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-34002	1 Wpinventory	1 Wp Inventory Manager	2023-11-15	N/A	8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13 versions.
CVE-2023-2123	1 Wpinventory	1 Wp Inventory Manager	2023-08-22	N/A	6.1 MEDIUM
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.

Vulnerabilities (CVE)