13 matches found
CVE-2024-13530
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...
WordPress Custom Login Page Styler plugin <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination vulnerability
Missing Authorization to Authenticated Subsciber+ Log Deletion and Session Termination vulnerability discovered by theviper17y in WordPress Plugin Login Page Styler versions = 7.1.1...
CVE-2024-13530
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...
CVE-2024-13530 Custom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...
CVE-2024-13530
CVE-2024-13530 concerns the WordPress plugin “Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in, Sign out”. The vulnerability arises from a missing capability check in three handlers (lps_handle_delete_all_logs, lps_h...
CVE-2024-13530 Custom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lpshandledeletealllogs, lpshandledeleteloginlog, and...
PT-2024-17669 · WordPress · Custom Login Page Styler – Login Protected Private Site
Name of the Vulnerable Software and Affected Versions: Custom Login Page Styler – Login Protected Private Site plugin for WordPress versions up to, and including, 7.1.1 Description: The issue is related to a missing capability check on the lps generate temp access url AJAX action. This allows...
WordPress plugin Custom Login Page Styler 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
WordPress ALL In One Custom Login Page plugin <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege Escalation vulnerability
Missing Authorization to Authenticated Subscriber+Privilege Escalation vulnerability discovered by Lucio Sá in WordPress Plugin Login Page Styler versions = 7.1.1...
CVE-2022-46861
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Zia Imtiaz Custom Login Page Styler for WordPress plugin = 6.2 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Zia Imtiaz Custom Login Page Styler for WordPress plugin = 6.2 versions...
Wordpress plugin Login Page Styler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Login Page Styler Plugin <= 6.2 is vulnerable to Cross Site Scripting (XSS)
Software Login Page Styler Type Plugin Vulnerable versions = 6.2 Fixed in 6.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46861 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c713b1568697 Credits Justiice Required...