CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Positive Technologies•added 2025/11/11 12:0 a.m.•4 views

PT-2025-46274

Name of the Vulnerable Software and Affected Versions WP Custom Admin Login Page Logo plugin for WordPress versions prior to 1.4.8.5 Description The plugin is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the wpclpl save functionality. This allows...

4.3CVSS6.2AI score0.00013EPSS

Exploits0References4

OSV•added 2023/09/06 9:15 a.m.•1 views

CVE-2023-40329

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPZest Custom Admin Login Page | WPZest plugin = 1.2.0 versions...

4.8CVSS7.3AI score0.00159EPSS

Exploits0References1

Vulnrichment•added 2023/09/06 8:24 a.m.•11 views

CVE-2023-40329 WordPress Custom Admin Login Page | WPZest Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPZest Custom Admin Login Page | WPZest plugin = 1.2.0 versions...

5.9CVSS5.6AI score0.00159EPSS

Exploits0References1

Cvelist•added 2023/09/06 8:24 a.m.•13 views

CVE-2023-40329 WordPress Custom Admin Login Page | WPZest Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPZest Custom Admin Login Page | WPZest plugin = 1.2.0 versions...

5.9CVSS5.5AI score0.00159EPSS

Exploits0References1

CVE•added 2023/09/06 8:24 a.m.•35 views

CVE-2023-40329

CVE-2023-40329 affects the WordPress plugin WPZest Custom Admin Login Page (WPZest) up to version 1.2.0. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) flaw, where user input in admin settings is not properly validated/escaped, enabling XSS with admin privileges. Several ...

5.9CVSS5.1AI score0.00159EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/09/06 12:0 a.m.•2 views

WordPress plugin custom-admin-login-styler-wpzest cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

5.9CVSS6AI score0.00159EPSS

Exploits0References2

Patchstack•added 2023/08/16 12:0 a.m.•9 views

WordPress Custom Admin Login Page | WPZest Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Custom Admin Login Page | WPZest Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40329 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1213e411287f Credits Lokesh...

5.9CVSS5.7AI score0.00159EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by