5 matches found
CVE-2025-59467
A Cross-Site Scripting XSS vulnerability in the UCRM Argentina AFIP invoices Plugin v1.2.0 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. Affected Products: UCRM Argentina AFIP invoices Plugin...
CVE-2025-59467
A Cross-Site Scripting XSS vulnerability in the UCRM Argentina AFIP invoices Plugin v1.2.0 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. Affected Products: UCRM Argentina AFIP invoices Plugin...
CVE-2025-59467
A Cross-Site Scripting XSS vulnerability in the UCRM Argentina AFIP invoices Plugin v1.2.0 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. Affected Products: UCRM Argentina AFIP invoices Plugin...
CVE-2025-59467
A Cross-Site Scripting XSS vulnerability in the UCRM Argentina AFIP invoices Plugin v1.2.0 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. Affected Products: UCRM Argentina AFIP invoices Plugin...
CVE-2025-59467
Summary: CVE-2025-59467 is an XSS flaw in the UCRM Argentina AFIP invoices Plugin (versions ≤ 1.2.0). The vulnerability could enable privilege escalation when an Administrator is tricked into visiting a crafted page. The plugin is disabled by default. Impact (as stated): privilege escalation with...