Lucene search
+L

252 matches found

CNNVD
CNNVD
added 2025/05/05 12:0 a.m.5 views

WordPress plugin Custom Login and Registration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS6.5AI score0.00173EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.6 views

PT-2025-19343 · Unknown · Alphaefficiencyteam Custom Login/Registration

Name of the Vulnerable Software and Affected Versions: AlphaEfficiencyTeam Custom Login and Registration versions n/a through 1.0.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This...

6.5CVSS6.6AI score0.00173EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/04/27 8:55 a.m.22 views

CVE-2025-46535

Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0...

5.4CVSS8.5AI score0.00242EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/04/25 8:15 a.m.7 views

CVE-2025-46535

Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0...

5.4CVSS8.5AI score0.00242EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/25 8:5 a.m.7 views

CVE-2025-46535 WordPress Custom Login and Registration plugin <= 1.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0...

5.4CVSS7.2AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2025/04/25 8:5 a.m.68 views

CVE-2025-46535

CVE-2025-46535 concerns WordPress plugin “Custom Login and Registration” (MS-Registration) versions up to 1.0.0. The issue is described as a Missing Authorization vulnerability allowing exploitation of incorrectly configured access control. Public sources in the Connected Documents confirm the vu...

5.4CVSS8.5AI score0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.8 views

PT-2025-17896 · Alphaefficiencyteam · Custom Login/Registration

Name of the Vulnerable Software and Affected Versions: AlphaEfficiencyTeam Custom Login and Registration versions 1.0.0 and earlier Description: The issue is related to a Missing Authorization vulnerability that allows exploiting incorrectly configured access control security levels. This affects...

5.4CVSS6.2AI score0.00242EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/25 12:0 a.m.6 views

WordPress plugin Custom Login and Registration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

5.4CVSS6.3AI score0.00242EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/06 2:20 p.m.19 views

CVE-2025-2798

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS6.8AI score0.00623EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/04 1:44 p.m.19 views

CVE-2025-2798 Woffice <= 5.4.21 - Authentication Bypass via Registration Role

The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...

9.8CVSS7.1AI score0.00623EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/04/01 3:51 p.m.5 views

WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin CLP – Custom Login Page by NiteoThemes versions = 1.5.5...

4.3CVSS6.7AI score0.00197EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/01 3:16 p.m.4 views

CVE-2025-31769

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

4.3CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 2:51 p.m.40 views

CVE-2025-31769

CVE-2025-31769 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “CLP – Custom Login Page by NiteoThemes”, affecting versions from n/a through 1.5.5. The issue stems from CSRF in the plugin (root cause details not explicitly provided in the documents). Impact is ...

4.3CVSS5.9AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 2:51 p.m.4 views

CVE-2025-31769 WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

4.3CVSS5.1AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 2:51 p.m.15 views

CVE-2025-31769 WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...

4.3CVSS0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

WordPress plugin CLP – Custom Login Page by NiteoThemes 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin CLP - Custom Login Page by...

4.3CVSS4.8AI score0.00197EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-14155 · Niteothemes · Clp – Custom Login Page

Name of the Vulnerable Software and Affected Versions: CLP – Custom Login Page by NiteoThemes versions 1.5.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This means an attacker can trick a user into performing...

4.3CVSS4.4AI score0.00197EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/29 11:48 a.m.6 views

CVE-2025-30822

Cross-Site Request Forgery CSRF vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through = 1.1.7...

4.3CVSS7.2AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.10 views

CVE-2025-30822

Cross-Site Request Forgery CSRF vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through = 1.1.7...

4.3CVSS0.00197EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/27 11:0 a.m.3 views

WordPress Custom Login Logo Plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Custom Login Logo versions = 1.1.7...

4.3CVSS7AI score0.00197EPSS
Exploits0Affected Software1
Rows per page
Query Builder