Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Login With Ajax.This issue affects Login With Ajax: from n/a through...
4.3CVSS
6.8AI Score
0.0004EPSS
The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the toggle_auto_update AJAX action, allowing any user with a valid nonce to toggle the auto-update status of the...
4.3CVSS
4.5AI Score
0.0004EPSS
Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback...
6AI Score
0.002EPSS
Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's...
7.5AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter in a lostpassword action to...
6AI Score
0.003EPSS