CVE-2026-4143 | neo2oo5 Neos Connector for Fakturama Plugin up to 0.0.14 on WordPress Setting ncff_add_plugin_page cross-site request forgery

Inserito da Angelo Barbosa | Mar 21, 2026 | CVE

A vulnerability was found in neo2oo5 Neos Connector for Fakturama Plugin up to 0.0.14 on WordPress and classified as problematic. Affected by this vulnerability is the function ncff_add_plugin_page of the component Setting Handler. Such manipulation leads to cross-site request forgery.

This vulnerability is documented as CVE-2026-4143. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-4143 | neo2oo5 Neos Connector for Fakturama Plugin up to 0.0.14 on WordPress Setting ncff_add_plugin_page cross-site request forgery

Post correlati

CVE-2026-1190 | Red Hat Keycloak SAML Brokering SubjectConfirmationData privilege escalation

CVE-2024-29982 | Microsoft OLE DB Driver/SQL Server heap-based overflow

CVE-2026-1587 | Open5GS up to 2.7.6 SGWC /sgwc/s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service (Issue 4272)

CVE-2025-8471 | projectworlds Online Admission System 1.0 /adminlogin.php a_id sql injection