Lucene search

K
wpvulndbJrXnmWPVDB-ID:1A46CFEC-24AD-4619-8579-F09BBD8EE748
HistoryNov 08, 2021 - 12:00 a.m.

LoginWP < 3.0.0.5 - Reflected Cross-Site Scripting

2021-11-0800:00:00
JrXnm
wpscan.com
9

EPSS

0.001

Percentile

41.5%

The plugin does not sanitise and escape the rul_login_url and rul_logout_url parameter before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting issue

PoC

CPENameOperatorVersion
peters-login-redirectlt3.0.0.5

EPSS

0.001

Percentile

41.5%

Related for WPVDB-ID:1A46CFEC-24AD-4619-8579-F09BBD8EE748