18 matches found
WordPress Inactive Logout plugin cross-site scripting vulnerability
WordPress Inactive Logout plugin is a WordPress security plugin for automatically terminating inactive user sessions to prevent unauthorized access. The WordPress Inactive Logout plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering...
WordPress Inactive Logout plugin <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by shark3y in WordPress Plugin Inactive Logout versions = 3.5.5...
CVE-2025-11922
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2025-37405
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922
CVE-2025-11922: Inactive Logout for WordPress
CVE-2025-11922 Inactive Logout <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922 Inactive Logout <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2025-44698
Name of the Vulnerable Software and Affected Versions Inactive Logout plugin for WordPress versions up to and including 3.5.5 Description The Inactive Logout plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping...
WordPress plugin Inactive Logout 跨站脚本漏洞
WordPress Inactive Logout plugin is a WordPress security plugin for automatically terminating inactive user sessions to prevent unauthorized access. The WordPress Inactive Logout plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering...
EUVD-2023-48501
Malicious code in bioql PyPI...
CVE-2023-44142
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through = 3.2.2...
CVE-2023-44142
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through = 3.2.2...
CVE-2023-44142 WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through = 3.2.2...
CVE-2023-44142 WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through = 3.2.2...
WordPress plugin Inactive Logout 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...
Inactive Logout < 3.2.3 - Missing Authorization
Description The Inactive Logout plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the inaresetadvsettings function in versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber-level access a...
WordPress Inactive Logout Plugin <= 3.2.2 is vulnerable to Broken Access Control
Software Inactive Logout Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.2.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-44142 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 006870242fb0 Credits Elliot Required privilege...