Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
2012-08-13T23:55:02.913
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | netweblogic | login_with_ajax | ≤ 3.0.4 | Yes |
| Application | netweblogic | login_with_ajax | 2.1 | Yes |
| Application | netweblogic | login_with_ajax | 2.1.1 | Yes |
| Application | netweblogic | login_with_ajax | 2.1.2 | Yes |
| Application | netweblogic | login_with_ajax | 2.1.3 | Yes |
| Application | netweblogic | login_with_ajax | 2.1.4 | Yes |
| Application | netweblogic | login_with_ajax | 2.1.5 | Yes |
| Application | netweblogic | login_with_ajax | 2.2 | Yes |
| Application | netweblogic | login_with_ajax | 2.21 | Yes |
| Application | netweblogic | login_with_ajax | 3.0 | Yes |
| Application | netweblogic | login_with_ajax | 3.0.1 | Yes |
| Application | netweblogic | login_with_ajax | 3.0.2 | Yes |
| Application | netweblogic | login_with_ajax | 3.0.3 | Yes |
| Application | netweblogic | login_with_ajax | 3.0b | Yes |
| Application | wordpress | wordpress | - | No |