Security Advisory

CVE-2023-5211

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-31 13:54:45

Last updated 2025-04-22 20:01:54

Assigner WPScan

State PUBLISHED

Description

The Fattura24 WordPress plugin before 6.2.8 does not sanitize or escape the id parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting vulnerability.

← Browse all CVEs View on cve.org ↗