CVE-2018-11366

init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) because logging is mishandled. This is fixed in 1.4.0.
Configurations

Configuration 1

cpe:2.3:a:loginizer:loginizer:1.3.8:*:*:*:*:wordpress:*:*
cpe:2.3:a:loginizer:loginizer:1.3.9:*:*:*:*:wordpress:*:*

Information

Published : 2018-05-22 01:29

Updated : 2018-06-26 05:03


NVD link : CVE-2018-11366

Mitre link : CVE-2018-11366

Products Affected
No products.
CWE