23 matches found
CVE-2022-0347
The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
EUVD-2019-6783
Malware in sbrugna...
EUVD-2022-45006
Malicious code in bioql PyPI...
EUVD-2022-15507
Malicious code in bioql PyPI...
CVE-2019-15872
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings...
CVE-2025-1764 LoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for...
CVE-2025-1764 LoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for...
CVE-2022-41839
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
Improper access control
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
CVE-2022-41839 WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
WordPress plugin LoginPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2022-26091 · WordPress · Wordpress Loginpress
Name of the Vulnerable Software and Affected Versions: WordPress LoginPress plugin versions 1.6.2 and earlier Description: A Broken Access Control issue exists, allowing unauthorized changes to Opt-In or Opt-Out tracking settings. Recommendations: For WordPress LoginPress plugin versions 1.6.2 an...
WordPress LoginPress Plugin Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress LoginPress Plugin versions prior to 1.5.12, which ste...
CVE-2022-0347
The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
LoginPress < 1.5.12 - Reflected Cross-Site Scripting
The plugin does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting PoC...
WordPress LoginPress Plugin Authorization Issue Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.LoginPress is a login page customization plugin used in it. An authorization issue vulnerability exists in the WordPress LoginPress...
CVE-2019-15872
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings...
CVE-2019-15872
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings...
CVE-2019-15871
The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings...
CVE-2019-15871
The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings...