Medium severity5.4NVD Advisory· Published Mar 22, 2023· Updated Jun 17, 2026
CVE-2023-28666
CVE-2023-28666
Description
The InPost Gallery WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'imgurl' parameter to the add_inpost_gallery_slide_item action, which can only be triggered by an authenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.2.2
Patches
Vulnerability mechanics
References
1- www.tenable.com/security/research/tra-2023-3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.