2 matches found
WordPress Loginizer Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WordPress Loginizer plugin is one of the access control plugin. A cross-site scripting vulnerability exists in the...
Loginizer 1.3.8-1.3.9 - Unauthenticated Stored Cross-Site Scripting (XSS)
Versions 1.3.8 to 1.3.9 the Loginizer WordPress Plugin were found to be vulnerable to Stored Cross-Site Scripting XSS. The vulnerability was due to the Plugin’s logging functionality using the $SERVER'REQUESTURI' PHP variable to create a URL string that was logged to the database without any inpu...