CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Login Configurator WordPress plugin = 2.1 contains a reflected cross-site scripting caused by improper escaping of URL parameter before outputting it to the page, letting attackers execute scripts in the context of site administrators, exploit requires victim to visit a malicious URL. id:...

6.1CVSS6.6AI score0.04871EPSS

Exploits3References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-38449

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:2 a.m.•6 views

CVE-2023-1893

The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators...

6.1CVSS8.1AI score0.04871EPSS

Exploits3References1

OSV•added 2023/08/30 2:15 p.m.•0 views

CVE-2023-34175

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

6.1CVSS7.3AI score0.00088EPSS

Exploits0References1

CVE•added 2023/08/30 1:39 p.m.•31 views

CVE-2023-34175

CVE-2023-34175: Unauth. Reflected XSS in GrandSlambert Login Configurator plugin

7.1CVSS6AI score0.00088EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/08/30 1:39 p.m.•10 views

CVE-2023-34175 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

7.1CVSS5.9AI score0.00088EPSS

Exploits0References1

Cvelist•added 2023/08/30 1:39 p.m.•14 views

CVE-2023-34175 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

7.1CVSS6.3AI score0.00088EPSS

Exploits0References1

CNNVD•added 2023/08/30 12:0 a.m.•1 views

WordPress plugin login-configurator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS6.8AI score0.00088EPSS

Exploits0References2

OSV•added 2023/07/25 2:15 p.m.•0 views

CVE-2023-34369

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

4.8CVSS7.3AI score0.00084EPSS

Exploits0References1

NVD•added 2023/07/25 2:15 p.m.•8 views

CVE-2023-34369

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

5.9CVSS5.4AI score0.00084EPSS

Exploits0References1

Cvelist•added 2023/07/25 1:2 p.m.•12 views

CVE-2023-34369 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

5.9CVSS5.5AI score0.00084EPSS

Exploits0References1

Vulnrichment•added 2023/07/25 1:2 p.m.•10 views

CVE-2023-34369 WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GrandSlambert Login Configurator plugin = 2.1 versions...

5.9CVSS5.6AI score0.00084EPSS

Exploits0References1

CVE•added 2023/07/25 1:2 p.m.•29 views

CVE-2023-34369

CVE-2023-34369 affects the WordPress GrandSlambert Login Configurator plugin (versions ≤ 2.1). It is an authenticated Stored Cross-Site Scripting (XSS) vulnerability, exploitable by an admin+ user, with the issue described as an input/sanitization flaw in the login configuration flow. Impact per ...

5.9CVSS5AI score0.00084EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/07/25 12:0 a.m.•1 views

WordPress plugin Login Configurator 跨站脚本漏洞

5.9CVSS6.2AI score0.00084EPSS

Exploits0References2

OSV•added 2023/07/17 2:15 p.m.•0 views

CVE-2023-1893

6.1CVSS7.1AI score

Exploits0References2

Prion•added 2023/07/17 2:15 p.m.•13 views

Cross site scripting

5.8CVSS6AI score0.04871EPSS

Exploits3References2Affected Software1

Positive Technologies•added 2023/07/17 12:0 a.m.•4 views

PT-2023-17320 · WordPress · Login Configurator

Name of the Vulnerable Software and Affected Versions: Login Configurator WordPress plugin versions through 2.1 Description: The issue is related to a reflected cross-site scripting vulnerability. It occurs because the plugin does not properly escape a URL parameter before outputting it to the...

6.1CVSS6.2AI score0.04871EPSS

Exploits3References5

CNNVD•added 2023/07/17 12:0 a.m.•4 views

WordPress plugin Login Configurator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

6.1CVSS6.8AI score0.04871EPSS

Exploits3References4

wpexploit•added 2023/06/26 12:0 a.m.•142 views

The plugin does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators. Visit the following path:...

6.1CVSS8.5AI score0.04871EPSS

Exploits3

Patchstack•added 2023/06/13 12:0 a.m.•7 views

WordPress Login Configurator Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software Login Configurator Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34369 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c57749cf9e33 Credits NeginNrb Required...

5.9CVSS5.8AI score0.00084EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by