A5 Custom Login Page - Reflected XSS

A5 Custom Login Page WordPress plugin v2.8.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires a crafted URL or...

WordPress Simple Custom Login Page plugin <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Duong in WordPress Plugin Simple Custom Login Page versions = 1.0.3...

CVE-2026-10100

Technical details are not publicly available in the provided documents. No connected documents with concrete technical details were found. Monitor for updates.

Fedora 44 : cockpit (2026-ea792bf240)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ea792bf240 advisory. Automatic update for cockpit-360.1-1.fc44. Changelog for cockpit Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes...

VulnCheck KEV: CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

CVE-2025-14975 affects the WordPress plugin Custom Login Page Customizer (versions before 2.5.4). The vulnerability arises from an improper password reset process that allows unauthenticated requests to reset a user’s password by knowing the username (e.g., administrator), enabling account compro...

WordPress plugin Custom Login Page Customizer has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

EUVD-2025-9258

Malicious code in bioql PyPI...

EUVD-2023-50944

Malicious code in bioql PyPI...

EUVD-2023-44596

Malicious code in bioql PyPI...

CVE-2024-13530

The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...

CVE-2024-13226

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-46777

Cross-Site Request Forgery CSRF vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin = 1.1.3 versions...

CVE-2023-26012

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Denzel Chia | Phire Design Custom Login Page plugin = 2.0 versions...

WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin CLP – Custom Login Page by NiteoThemes versions = 1.5.5...

CVE-2025-31769

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...