| |
Vulnerability CVE-2023-5211
Published: 2023-10-31
| Description: |
The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the 'id' parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability. |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References: |
https://wpscan.com/vulnerability/aa868380-cda7-4ec6-8a3f-d9fa692908f2
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
