Lucene search

WP Inventory Manager Security Vulnerabilities

cve

CVE-2023-34002

Cross-Site Request Forgery (CSRF) vulnerability in WP Inventory Manager plugin <= 2.1.0.13...

8.8CVSS

7.7AI Score

0.001EPSS

2023-11-09 06:15 PM

cve

CVE-2023-2123

The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site...

6.1CVSS

6.2AI Score

0.0005EPSS

2023-08-16 12:15 PM

cve

CVE-2023-2842

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF...

8.1CVSS

7.9AI Score

0.001EPSS

2023-06-27 02:15 PM

cve

CVE-2023-1806

The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...

6.1CVSS

6.2AI Score

0.001EPSS

2023-05-08 02:15 PM