4 matches found
CVE-2023-5211
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
CVE-2023-5211
CVE-2023-5211 affects the Fattura24 WordPress plugin (versions before 6.2.8). The vulnerability is a reflected Cross-Site Scripting issue caused by the plugin not sanitizing or escaping the id parameter when outputting it back to the page. Evidence from multiple sources shows a PoC and that the v...
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...
WordPress Fattura24 Plugin < 6.2.8 is vulnerable to Cross Site Scripting (XSS)
Software Fattura24 Type Plugin Vulnerable versions 6.2.8 Fixed in 6.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5211 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ad9cd39b4a8 Credits Enrico Marcolini Claudio...