Vulnerabilities (CVE)

Filtered by vendor Login Configurator Project Subscribe
Filtered by product Login Configurator
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-34369 1 Login Configurator Project 1 Login Configurator 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
CVE-2023-34175 1 Login Configurator Project 1 Login Configurator 2024-11-21 N/A 7.1 HIGH
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
CVE-2023-1893 1 Login Configurator Project 1 Login Configurator 2024-11-21 N/A 6.1 MEDIUM
The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators.