Inventory Presser
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-50012 | Med | 0.38 | 5.9 | 0.00 | Jun 20, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fridaysystems Inventory Presser inventory-presser allows Stored XSS.This issue affects Inventory Presser: from n/a through <= 15.2.6. | ||
| CVE-2023-2579 | Med | 0.35 | 5.4 | 0.01 | Jul 17, 2023 | The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. |
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fridaysystems Inventory Presser inventory-presser allows Stored XSS.This issue affects Inventory Presser: from n/a through <= 15.2.6.
- risk 0.35cvss 5.4epss 0.01
The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.