RSS   Podatności dla 'Openid connect generic client'   RSS

2021-05-06
 
CVE-2021-24214

CWE-79
 

 
The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.

 


Copyright 2024, cxsecurity.com

 

Back to Top