10 matches found
EUVD-2023-57542
Malicious code in bioql PyPI...
CVE-2023-5211
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
CVE-2023-5211
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
CVE-2023-5211
CVE-2023-5211 affects the Fattura24 WordPress plugin (versions before 6.2.8). The vulnerability is a reflected Cross-Site Scripting issue caused by the plugin not sanitizing or escaping the id parameter when outputting it back to the page. Evidence from multiple sources shows a PoC and that the v...
WordPress Plugin Fattura24 Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Fattura24 Plugin < 6.2.8 is vulnerable to Cross Site Scripting (XSS)
Software Fattura24 Type Plugin Vulnerable versions 6.2.8 Fixed in 6.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5211 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ad9cd39b4a8 Credits Enrico Marcolini Claudio...
Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
Description The plugin does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability. PoC wp-admin/options-general.php?page=fatt-24-tax=12...
Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
Description The plugin does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability. wp-admin/options-general.php?page=fatt-24-tax&id=12alert1%3B...