Vulnerabilities > CVE-2023-2842 - Unspecified vulnerability in Wpinventory WP Inventory Manager

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wpinventory

NVD

Published: 2023-06-27

Updated: 2023-11-07

Summary

The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack

Vulnerable Configurations

Part	Description	Count
Application	Wpinventory Wpinventory WP Inventory Manager *	1

References

https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596