Skip to main content

Login Rebuilder

2 CVEs product

Monthly

CVE-2023-2223 MEDIUM POC This Month

The Login rebuilder WordPress plugin before 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Login Rebuilder
NVD WPScan
CVSS 3.1
4.8
EPSS
0.6%
CVE-2014-3882 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF WordPress Login Rebuilder
NVD
CVSS 2.0
6.8
EPSS
0.2%
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Login rebuilder WordPress plugin before 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Login Rebuilder
NVD WPScan
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF WordPress Login Rebuilder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy