CVE-2024-11405 | WP Front-End Login and Register Plugin up to 2.1.0 on WordPress wpmp_reset_password_token cross site scripting

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability was found in WP Front-End Login and Register Plugin up to 2.1.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument wpmp_reset_password_token leads to cross site scripting.

This vulnerability was named CVE-2024-11405. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11405 | WP Front-End Login and Register Plugin up to 2.1.0 on WordPress wpmp_reset_password_token cross site scripting

Post correlati

CVE-2024-13524 | obsproject OBS Studio up to 30.0.2 on Windows untrusted search path

CVE-2024-9927 | WooCommerce Order Proposal Plugin up to 2.0.5 on WordPress Privilege Escalation

CVE-2024-35781 | YAHMAN Word Balloon Plugin up to 4.21.1 on WordPress path traversal

CVE-2024-39685 | FishAudio Bert-VITS2 up to 2.3 resample data_dir os command injection (GHSL-2024-045)