60 matches found
A5 Custom Login Page - Reflected XSS
A5 Custom Login Page WordPress plugin v2.8.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires a crafted URL or...
WordPress Simple Custom Login Page plugin <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Duong in WordPress Plugin Simple Custom Login Page versions = 1.0.3...
CVE-2026-10100
Technical details are not publicly available in the provided documents. No connected documents with concrete technical details were found. Monitor for updates.
Fedora 44 : cockpit (2026-ea792bf240)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ea792bf240 advisory. Automatic update for cockpit-360.1-1.fc44. Changelog for cockpit Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes...
VulnCheck KEV: CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
CVE-2025-14975
CVE-2025-14975 affects the WordPress plugin Custom Login Page Customizer (versions before 2.5.4). The vulnerability arises from an improper password reset process that allows unauthenticated requests to reset a user’s password by knowing the username (e.g., administrator), enabling account compro...
CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...
WordPress plugin Custom Login Page Customizer has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
EUVD-2025-9258
Malicious code in bioql PyPI...
EUVD-2023-50944
Malicious code in bioql PyPI...
EUVD-2023-44596
Malicious code in bioql PyPI...
CVE-2024-13530
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...
CVE-2024-13226
The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-46777
Cross-Site Request Forgery CSRF vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin = 1.1.3 versions...
CVE-2023-26012
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Denzel Chia | Phire Design Custom Login Page plugin = 2.0 versions...
WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin CLP – Custom Login Page by NiteoThemes versions = 1.5.5...
CVE-2025-31769
Cross-Site Request Forgery CSRF vulnerability in NiteoThemes CLP – Custom Login Page by NiteoThemes clp-custom-login-page allows Cross Site Request Forgery.This issue affects CLP – Custom Login Page by NiteoThemes: from n/a through = 1.5.5...