CVE-2025-6324

Name of the Vulnerable Software and Affected Versions MatrixAddons Easy Invoice versions through 2.0.9

Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for the injection of malicious scripts into web pages. The vulnerability exists due to insufficient sanitization of user-supplied data, potentially enabling an attacker to execute arbitrary code within the context of a user's browser.

Recommendations Update to a version later than 2.0.9.