Stock In & Out Project: >> Stock In & Out Security Vulnerabilities
The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped before using it in the echo statement, leading to a reflected XSS issue
CVSS Score
5.4
EPSS Score
0.002
Published
2021-06-14