Lucene search
K

1694 matches found

NVD
NVD
added 2025/11/11 4:15 a.m.9 views

CVE-2025-12132

The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.8.4. This is due to missing or incorrect nonce validation on the wpclplsave functionality. This makes it possible for unauthenticated attackers to modify...

4.3CVSS0.00108EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/11 3:30 a.m.5 views

CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update

The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.8.4. This is due to missing or incorrect nonce validation on the wpclplsave functionality. This makes it possible for unauthenticated attackers to modify...

4.3CVSS0.00108EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/11/11 12:19 a.m.4 views

WordPress WP Custom Admin Login Page Logo plugin <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WP Custom Admin Login Page Logo versions = 1.4.8.4...

4.3CVSS6.9AI score0.00108EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46274

Name of the Vulnerable Software and Affected Versions WP Custom Admin Login Page Logo plugin for WordPress versions prior to 1.4.8.5 Description The plugin is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the wpclpl save functionality. This allows...

4.3CVSS6.2AI score0.00108EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46543

Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...

7.1CVSS6.4AI score0.00228EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.2 views

Siemens LOGO! 访问控制错误漏洞

Siemens LOGO! is a programmable logic controller from Siemens Germany. An access control error vulnerability exists in Siemens LOGO! that arises from the absence of certain authentication, which could allow an unauthenticated, remote attacker to alter the device's time, which could in turn affect...

7.1CVSS6.5AI score0.00228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.7 views

PT-2025-46542

Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...

7.6CVSS6.4AI score0.00182EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

Siemens LOGO! 访问控制错误漏洞

Siemens LOGO! is a programmable logic controller from Siemens, Germany. An Access Control Error vulnerability exists in Siemens LOGO! where an unauthenticated, remote attacker could manipulate the IP address of the device, rendering it inaccessible. The following products are affected:...

7.6CVSS6.6AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

Siemens多款产品 安全漏洞

Siemens LOGO! is a programmable logic controller from Siemens Germany. A security vulnerability exists in various Siemens products that stems from improper validation of the TCP packet structure, which could result in a buffer overflow and execution of arbitrary code. The following products are...

8.6CVSS7.2AI score0.00317EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46541

Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...

8.6CVSS6.6AI score0.00317EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/07 3:54 p.m.3 views

CVE-2025-53245

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

7.1CVSS6AI score0.00191EPSS
Exploits0References1
Veracode
Veracode
added 2025/11/06 5:13 p.m.7 views

Cross-site Scripting (XSS)

novosga/novosga is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user-supplied input in the logoNavbar/logoLogin parameters within the /admin component’s SVG File Handler, which allows an attacker to inject and execute arbitrary web scripts remotely...

4.8CVSS7AI score0.00288EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2025/11/06 4:15 p.m.4 views

CVE-2025-53245

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

7.1CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 3:53 p.m.2 views

CVE-2025-53245 WordPress WP Logo Changer Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

7.1CVSS5.6AI score0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 3:53 p.m.2 views

EUVD-2025-38000

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

5.5AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 3:53 p.m.7 views

CVE-2025-53245 WordPress WP Logo Changer Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:53 p.m.8 views

CVE-2025-53245

CVE-2025-53245 pertains to the WordPress plugin WP Logo Changer (am-login-logo) with versions up to and including 1.2. The vulnerability is Stored XSS caused by improper neutralization during web page generation, allowing injected scripts to persist in the affected pages. Multiple sources (NVD, R...

7.1CVSS5.6AI score0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45221

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...

6AI score0.00191EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2025/11/06 12:0 a.m.7 views

pcs security update

0.10.18-2.0.1.7 - Replaced HAM-logo...

7.5CVSS7AI score0.00848EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

WordPress plugin WP Logo Changer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Rows per page
Query Builder