CVE-2023-2123

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.

0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin
0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin
PoC for CVE-2023-2123
GitHubGitHub
2