Filtered by vendor Codection
Subscriptions
Filtered by product Clean Login
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-4838 | 1 Codection | 1 Clean Login | 2023-11-07 | 5.4 Medium |
The Clean Login WordPress plugin before 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. | ||||
CVE-2015-9336 | 1 Codection | 1 Clean Login | 2019-08-26 | N/A |
The clean-login plugin before 1.5.1 for WordPress has reflected XSS. | ||||
CVE-2017-8875 | 1 Codection | 1 Clean Login | 2017-05-18 | N/A |
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL. |
Page 1 of 1.