Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24939 | 1 Profilepress | 1 Loginwp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
The LoginWP (Formerly Peter's Login Redirect) WordPress plugin before 3.0.0.5 does not sanitise and escape the rul_login_url and rul_logout_url parameter before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting issue
|
|||||
| CVE-2019-15115 | 1 Profilepress | 1 Loginwp | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF.
|
|||||
| CVE-2016-10925 | 1 Profilepress | 1 Loginwp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs.
|
|||||