251 matches found
A5 Custom Login Page - Reflected XSS
A5 Custom Login Page WordPress plugin v2.8.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires a crafted URL or...
WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution
Improper Control of Generation of Code 'Code Injection' vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0 id: CVE-2025-49029 info: name: WordPress Custom Login And Signup Widget Plugin = 1.0 -...
WordPress Simple Custom Login Page plugin <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Duong in WordPress Plugin Simple Custom Login Page versions = 1.0.3...
CVE-2026-10100
Technical details are not publicly available in the provided documents. No connected documents with concrete technical details were found. Monitor for updates.
Fedora 44 : cockpit (2026-ea792bf240)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ea792bf240 advisory. Automatic update for cockpit-360.1-1.fc44. Changelog for cockpit Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes...
CVE-2026-39605
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
EUVD-2026-20236
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39605
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39605
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39605
CVE-2026-39605 concerns the WordPress WordPress Super Custom Login plugin (version
WordPress plugin Super Custom Login 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31170
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
Products.isurlinportal has possible open redirect when using more than 2 forward slashes
Impact A url /login?camefrom=////evil.example may redirect to an external website after login. Standard Plone is not affected, but if you have customised the login, for example with add-ons, you might be affected. You can try the url to check if you are affected or not. Patches The problem has be...
VulnCheck KEV: CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...