3 matches found
WordPress plugin WP Customize Login 'Change Logo Title' cross-site scripting vulnerability
WordPress is a blogging platform based on the PHP language, which can be used to set up websites on servers supporting PHP and MySQL databases, and can also be used as a content management system CMS. cross-site scripting vulnerability exists in the WordPress plugin WP Customize Login 'Change Log...
WP Customize Login <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin is vulnerable to Authenticated Stored Cross-Site Scripting XSS in the "Change Logo URL" and Change Logo Title" settings...
WordPress WP Customize Login 1.1 Cross Site Scripting
Exploit Title: WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting XSS Date: 2021-08-03 Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/customize-login/ Version: 1.1 Tested on: Windows 10 How to Reproduce this Vulnerability: 1...