logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-24214

Description

The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.


Affected Software


CPE Name Name Version
daggerhartlab:openid_connect_generic_client daggerhartlab openid connect generic client 3.8.0
daggerhartlab:openid_connect_generic_client daggerhartlab openid connect generic client 3.8.1

Related