The plugin Clean Login 1.12.6.3 is vulnerable to Reflected Cross-Site Scripting due to unescaped url parameter in the login form. A payload can be appended to pages with the [clean-login] shortcode
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo