2 matches found
CVE-2023-1893 Login Configurator <= 2.1 - Reflected Cross-Site Scripting
The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators...
CVE-2023-1893
The CVE-2023-1893 entry concerns the WordPress plugin Login Configurator (versions through 2.1). It describes a reflected cross-site scripting (XSS) flaw caused by improper escaping of a URL parameter before output to the page, enabling attackers to execute scripts in the context of site administ...