1694 matches found
CVE-2025-12132
The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.8.4. This is due to missing or incorrect nonce validation on the wpclplsave functionality. This makes it possible for unauthenticated attackers to modify...
CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update
The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.8.4. This is due to missing or incorrect nonce validation on the wpclplsave functionality. This makes it possible for unauthenticated attackers to modify...
WordPress WP Custom Admin Login Page Logo plugin <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WP Custom Admin Login Page Logo versions = 1.4.8.4...
PT-2025-46274
Name of the Vulnerable Software and Affected Versions WP Custom Admin Login Page Logo plugin for WordPress versions prior to 1.4.8.5 Description The plugin is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the wpclpl save functionality. This allows...
PT-2025-46543
Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...
Siemens LOGO! 访问控制错误漏洞
Siemens LOGO! is a programmable logic controller from Siemens Germany. An access control error vulnerability exists in Siemens LOGO! that arises from the absence of certain authentication, which could allow an unauthenticated, remote attacker to alter the device's time, which could in turn affect...
PT-2025-46542
Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...
Siemens LOGO! 访问控制错误漏洞
Siemens LOGO! is a programmable logic controller from Siemens, Germany. An Access Control Error vulnerability exists in Siemens LOGO! where an unauthenticated, remote attacker could manipulate the IP address of the device, rendering it inaccessible. The following products are affected:...
Siemens多款产品 安全漏洞
Siemens LOGO! is a programmable logic controller from Siemens Germany. A security vulnerability exists in various Siemens products that stems from improper validation of the TCP packet structure, which could result in a buffer overflow and execution of arbitrary code. The following products are...
PT-2025-46541
Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...
CVE-2025-53245
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
Cross-site Scripting (XSS)
novosga/novosga is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user-supplied input in the logoNavbar/logoLogin parameters within the /admin component’s SVG File Handler, which allows an attacker to inject and execute arbitrary web scripts remotely...
CVE-2025-53245
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
CVE-2025-53245 WordPress WP Logo Changer Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
EUVD-2025-38000
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
CVE-2025-53245 WordPress WP Logo Changer Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
CVE-2025-53245
CVE-2025-53245 pertains to the WordPress plugin WP Logo Changer (am-login-logo) with versions up to and including 1.2. The vulnerability is Stored XSS caused by improper neutralization during web page generation, allowing injected scripts to persist in the affected pages. Multiple sources (NVD, R...
PT-2025-45221
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Afzal Multani WP Logo Changer am-login-logo allows Stored XSS.This issue affects WP Logo Changer: from n/a through = 1.2...
pcs security update
0.10.18-2.0.1.7 - Replaced HAM-logo...
WordPress plugin WP Logo Changer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...