Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitAustin BentleyWPEX-ID:31CF0DFB-4025-4898-A5F4-FC7115565A10
HistoryApr 07, 2021 - 12:00 a.m.

OpenID Connect Generic Client 3.8.0-3.8.1 - Reflected Cross Site Scripting (XSS) via Login Error

2021-04-0700:00:00
Austin Bentley
320
JSON

The plugin did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.

https://example.com/wp-login.php?login-error=%3Cscript%3Ealert(0)%3C/script%3E

Related

prion 1
cve 1
wpvulndb 1
patchstack 1
nuclei 1
prion
prion
Cross site scripting
2021-05-06 13:15:00
cve
cve
CVE-2021-24214
2021-05-06 13:15:00
wpvulndb
wpvulndb
OpenID Connect Generic Client 3.8.0-3.8.1 - Reflected Cross Site Scripting (XSS) via Login Error
2021-04-07 00:00:00
patchstack
patchstack
WordPress OpenID Connect Generic Client plugin <= 3.8.1 - Reflected Cross-Site Scripting (XSS) vulnerability
2021-04-07 00:00:00
nuclei
nuclei
WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting
2022-09-15 18:21:21
JSON
Related for WPEX-ID:31CF0DFB-4025-4898-A5F4-FC7115565A10
prion1cve1wpvulndb1patchstack1nuclei1