EUVD-2025-30502

Malicious code in bioql PyPI...

CVE-2025-58969

Missing Authorization vulnerability in Greg Winiarski Custom Login URL custom-login-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login URL: from n/a through = 1.0.2...

CVE-2025-58969

Missing Authorization vulnerability in Greg Winiarski Custom Login URL custom-login-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login URL: from n/a through = 1.0.2...

WordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Custom Login URL versions = 1.0.2...

CVE-2025-58969 WordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Greg Winiarski Custom Login URL allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Custom Login URL: from n/a through 1.0.2...

CVE-2025-58969

CVE-2025-58969 affects the Custom Login URL WordPress plugin. The connected document confirms a Missing Authorization issue in Custom Login URL, enabling Unauthorized updates to plugin options via wcmlim_settings_ajax_handler, with affected versions up to and including 1.0.2. The patch for this v...

CVE-2025-58969 WordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Greg Winiarski Custom Login URL custom-login-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login URL: from n/a through = 1.0.2...

WordPress plugin Custom Login URL 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-39029

Name of the Vulnerable Software and Affected Versions WordPress Custom Login URL versions through 1.0.2 Description A missing authorization issue exists in Greg Winiarski Custom Login URL, allowing exploitation of incorrectly configured access control security levels. Recommendations Update to a...

CVE-2024-41667

OpenAM is an open access management solution. In versions 15.0.3 and prior, the getCustomLoginUrlTemplate method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to...

PT-2024-15667 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.4 Description: The issue is related to Stored Cross-Site Scripting via the Login/Register Element due to insufficient input sanitization and output...

Essential Addons for Elementor < 5.9.5 - Contributor+ Stored Cross-Site Scritping

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the custom login URL. This makes it possible for authenticated attackers with...

Mozilla VPN 授权问题漏洞

Mozilla VPN is an open source virtual private network web browser extension, desktop application and mobile application from the US-based Mozilla Foundation. A security vulnerability in Mozilla VPN iOS before 1.0.7929, Mozilla VPN Windows before 1.2.2, and Mozilla VPN Android before 1.1.01360 ste...