The Custom Login Redirect WordPress plugin up to and including 1.0.0 does not have CSRF check in place when saving its settings, and do not sanitise or escape user input before outputting them back in the page, leading to a Stored Cross-Site Scripting issue
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
custom login redirect project custom login redirect |