2.1.0.8

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wpinventory

NVD

Published: 2023-06-27

Updated: 2024-11-21

Summary

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack

Vulnerable Configurations

Part	Description	Count
Application	Wpinventory Wpinventory WP Inventory Manager - Wpinventory WP Inventory Manager 2.1.0.8 Wpinventory WP Inventory Manager 2.1.0.13	3

References

https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596
https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596