CVE-2023-1893

Published: 2023-07-17T14:15Z

Last Modified: 2024-11-21T07:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt