CVE-2024-13226

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress A5 Custom Login Page plugin <= 2.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin A5 Custom Login Page versions = 2.8.1...

CVE-2024-13226 A5 Custom Login Page <= 2.8.1 - Reflected XSS

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13226 A5 Custom Login Page <= 2.8.1 - Reflected XSS

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13226

CVE-2024-13226 affects the A5 Custom Login Page WordPress plugin (versions up to 2.8.1). The vulnerability is a reflected cross-site scripting (XSS) caused by insufficient sanitization/escaping of a parameter before it is echoed in the login page. Impact: potential execution of scripts in the con...

PT-2025-2080

Name of the Vulnerable Software and Affected Versions A5 Custom Login Page WordPress plugin versions 2.8.1 and earlier Description The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in t...