A vulnerability was found in neo2oo5 Neos Connector for Fakturama Plugin up to 0.0.14 on WordPress and classified as problematic . Affected by this vulnerability is the function ncff_add_plugin_page of the component Setting Handler . Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2026-4143 . The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.