4 matches found
CVE-2025-11922
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922 Inactive Logout <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2025-44698
Name of the Vulnerable Software and Affected Versions Inactive Logout plugin for WordPress versions up to and including 3.5.5 Description The Inactive Logout plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping...
CVE-2023-44142 WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through = 3.2.2...