VYPR

Login Configurator

by WordPress

CVEs (3)

  • CVE-2023-34175HigAug 30, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.

  • CVE-2023-1893MedJul 17, 2023
    risk 0.40cvss 6.1epss 0.01

    The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators.

  • CVE-2023-34369MedJul 25, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.