14 matches found
EUVD-2015-9176
Malware in sbrugna...
EUVD-2017-17816
Malware in sbrugna...
EUVD-2022-52115
Malicious code in bioql PyPI...
CVE-2015-9336
The clean-login plugin before 1.5.1 for WordPress has reflected XSS...
CVE-2024-8252
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...
CVE-2024-8252
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...
WordPress Clean Login plugin <= 1.14.5 - Authenticated (Contributor+) Local File Inclusion vulnerability
Authenticated Contributor+ Local File Inclusion vulnerability discovered by wesley wcraft in WordPress Plugin Clean Login versions = 1.14.5...
CVE-2022-4838
The Clean Login WordPress plugin before 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...
CVE-2022-4838 Clean Login < 1.13.7 - Contributor+ Stored XSS via Shortcode
The Clean Login WordPress plugin before 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...
WordPress plugin Clean Login 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
CVE-2015-9336
The clean-login plugin before 1.5.1 for WordPress has reflected XSS...
CVE-2017-8875
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL...
Cross site request forgery (csrf)
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL...
WordPress Clean Login Plugin CSRF Vulnerability
WordPress "Clean Login" is a front-end login and registration plugin. WordPress Clean Login plugin suffers from a CSRF vulnerability, which can be exploited by remote attackers to change wordpress login redirect url to other malicious addresses...