Vulnerability CVE-2023-1893
Published: 2023-07-17

Description:
The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators.

See advisories in our WLB2 database:
Topic
Author
Date
Low
WordPress Login Configurator 2.1 Cross Site Scripting
Taurus Omar
27.07.2023

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7
Copyright 2024, cxsecurity.com

 

Back to Top