====================
Software Description
====================
Software: clean login
version: <1.8
description: Responsive Frontend Login and Registration plugin.

=======
Details
=======
CSRF in the WordPress plugin clean login allows a remote attacker to change the WordPress login redirect URL or logout redirect URL to an evil address.

====
POC:
====

===========
Mitigations
===========
Disable the plugin until a new version is released that fixes this bug.

=====
Fixed
=====
https://wordpress.org/plugins/clean-login/#developers (1.8 version update)
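
The class of bug described under Details, shown as a settings handler without a request-origin check next to a hardened form. This is an added example, not the Clean Login plugin's source or its 1.8 fix; every example_cl_* function, option, field and nonce name is hypothetical, and the same-site redirect restriction is an assumption about the desired policy.

```php
<?php
// Added illustration; not code from the Clean Login plugin.
// All example_cl_* names are hypothetical.

// BEFORE: any POST sent by a logged-in administrator's browser changes the
// setting, including one submitted by a form on a third-party page.
function example_cl_save_settings_vulnerable() {
    if ( isset( $_POST['login_redirect_url'] ) ) {
        update_option( 'example_cl_login_redirect', $_POST['login_redirect_url'] );
    }
}

// AFTER: the request must come from a privileged user and carry a nonce that
// only a form rendered by this site for that user can contain.
function example_cl_save_settings_hardened() {
    if ( ! isset( $_POST['example_cl_save'] ) ) {
        return; // not our form submission
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Dies with an error page when the nonce is missing, expired or forged.
    check_admin_referer( 'example_cl_save_settings', 'example_cl_nonce' );

    foreach ( array( 'login', 'logout' ) as $kind ) {
        $field = $kind . '_redirect_url';
        $raw   = isset( $_POST[ $field ] ) ? wp_unslash( $_POST[ $field ] ) : '';
        $url   = esc_url_raw( $raw, array( 'http', 'https' ) );
        // Assumed policy: hosts other than home_url() (or those added through
        // the allowed_redirect_hosts filter) fall back to the site home page.
        $url = wp_validate_redirect( $url, home_url( '/' ) );
        update_option( 'example_cl_' . $kind . '_redirect', $url );
    }
}
add_action( 'admin_init', 'example_cl_save_settings_hardened' );

// The settings form embeds the nonce that the handler verifies.
function example_cl_render_settings_form() {
    echo '<form method="post">';
    wp_nonce_field( 'example_cl_save_settings', 'example_cl_nonce' );
    echo '<input type="url" name="login_redirect_url">';
    echo '<input type="url" name="logout_redirect_url">';
    echo '<input type="submit" name="example_cl_save" value="Save">';
    echo '</form>';
}
```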