Medium severity5.4NVD Advisory· Published May 2, 2023· Updated Jun 17, 2026
CVE-2023-1861
CVE-2023-1861
Description
The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.7.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/461cbcca-aed7-4c92-ba35-ebabf4fcd810nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.