Login Configurator Project Login Configurator vulnerabilities
3 known vulnerabilities affecting login_configurator_project/login_configurator.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2023-1893P4MEDIUMCVSS 6.1PoC≤ 2.12023-07-17
CVE-2023-1893 [MEDIUM] CWE-79 CVE-2023-1893: The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before
The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators.
nvd
CVE-2023-34175P4MEDIUMCVSS 6.1≤ 2.12023-08-30
CVE-2023-34175 [MEDIUM] CWE-79 CVE-2023-34175: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugi
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
nvd
CVE-2023-34369P4MEDIUMCVSS 4.8≤ 2.12023-07-25
CVE-2023-34369 [MEDIUM] CWE-79 CVE-2023-34369: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator p
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
nvd