Lucene search
K

4 matches found

NVD
NVD
added 2023/10/31 2:15 p.m.19 views

CVE-2023-5211

The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...

6.1CVSS6.1AI score0.00396EPSS
Exploits2References1
CVE
CVE
added 2023/10/31 1:54 p.m.46 views

CVE-2023-5211

CVE-2023-5211 affects the Fattura24 WordPress plugin (versions before 6.2.8). The vulnerability is a reflected Cross-Site Scripting issue caused by the plugin not sanitizing or escaping the id parameter when outputting it back to the page. Evidence from multiple sources shows a PoC and that the v...

6.1CVSS6.2AI score0.00396EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/10/31 1:54 p.m.29 views

CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting

The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability...

6.2AI score0.00396EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.11 views

WordPress Fattura24 Plugin < 6.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Fattura24 Type Plugin Vulnerable versions 6.2.8 Fixed in 6.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5211 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0ad9cd39b4a8 Credits Enrico Marcolini Claudio...

6.1CVSS5.6AI score0.00396EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder