4 matches found
CVE-2024-13836
The WP Login Control WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13836
The WP Login Control WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13836
The WP Login Control WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13836
CVE-2024-13836 affects the WordPress plugin WP Login Control, version ≤ 2.0.0. The vulnerability is a reflected XSS caused by insufficient sanitization/escaping of a parameter before it is echoed on the page, which could be leveraged against high-privilege users (e.g., admins). The connected docu...