CVE-2024-11405 | WP Front-End Login and Register Plugin up to 2.1.0 on WordPress wpmp_reset_password_token cross site scripting

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability was found in WP Front-End Login and Register Plugin up to 2.1.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument wpmp_reset_password_token leads to cross site scripting.

This vulnerability was named CVE-2024-11405. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11405 | WP Front-End Login and Register Plugin up to 2.1.0 on WordPress wpmp_reset_password_token cross site scripting

Post correlati

CVE-2024-12667 | InvoicePlane up to 1.6.1 /invoices/view session expiration

CVE-2024-3781 | White Bear Solutions WBSAirback 21.02.04 Active Directory os command injection

CVE-2024-2814 | Tenda AC15 15.03.20_multi /goform/DhcpListClient fromDhcpListClient page stack-based overflow

CVE-2025-40635 | Comerzzia Backoffice Sales Orchestrator 3.0.15 /comerzzia/login uidActivity/codCompany/uidInstance sql injection