5 matches found
WordPress Simple LDAP Login Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Simple LDAP Login Type Plugin Vulnerable versions = 1.6.0 Fixed in 1.6.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8715 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7ab689130b50 Credits vgo0 Required...
CVE-2024-8715
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8715 Simple LDAP Login <= 1.6.0 - Reflected Cross-Site Scripting
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8715 Simple LDAP Login <= 1.6.0 - Reflected Cross-Site Scripting
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...
CVE-2024-8715
CVE-2024-8715 : WordPress plugin Simple LDAP Login (versions