101 matches found
CVE-2025-1764
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for...
CVE-2025-1764 LoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for...
CVE-2025-1764 LoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for...
WordPress plugin LoginPress 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
WordPress LoginPress plugin <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update vulnerability
Cross-Site Request Forgery to Arbitrary Options Update vulnerability discovered by Carlos Ferreira in WordPress Plugin LoginPress versions = 3.3.1...
CVE-2024-32676
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2024-32676
The CVE-2024-32676 entry concerns LoginPress Pro prior to version 3.0.0, with documented details in connected sources indicating a Captcha Bypass in LoginPress Pro (|Captcha Bypass|) and related authorization issues. The vulnerability is categorized as Improper Restriction of Excessive Authentica...
CVE-2024-32676 WordPress LoginPress Pro plugin < 3.0.0 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2024-32676 WordPress LoginPress Pro plugin < 3.0.0 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0...
LoginPress Pro < 3.0.0 - Captcha Bypass
Description The plugin is vulnerable to Bypass, allowing unauthenticated attackers to bypass the Captcha Verification...
LoginPress Pro < 3.0.0 - Unauthenticated License Activation/Deactivation
Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check, allowing unauthenticated attacks to activate and deactivate licenses...
WordPress plugin LoginPress Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-24761 · Unknown · Loginpress Pro
Name of the Vulnerable Software and Affected Versions: LoginPress Pro versions prior to 3.0.0 Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, which allows for the removal of important client functionality. Recommendations: For versions prior to...
CVE-2024-32677
Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2024-32677
CVE-2024-32677 affects LoginPress Pro (before 3.0.0). The Red Hat and Wordfence references describe a Missing Authorization to License Status Update vulnerability in LoginPress Pro; no exploit, impact, or remediation details are provided in the connected documents.
CVE-2024-32677 WordPress LoginPress Pro plugin < 3.0.0 - Unauth. License Activation/Deactivation vulnerability
Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2024-32677 WordPress LoginPress Pro plugin < 3.0.0 - Unauth. License Activation/Deactivation vulnerability
Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: from n/a before 3.0.0...
PT-2024-24762 · Unknown · Loginpress Pro
Name of the Vulnerable Software and Affected Versions: LoginPress Pro versions prior to 3.0.0 Description: The issue is related to a Missing Authorization vulnerability in LoginPress Pro. Recommendations: For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue...
WordPress plugin LoginPress Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress LoginPress Pro plugin < 3.0.0 - Unauth. License Activation/Deactivation vulnerability
Unauth. License Activation/Deactivation vulnerability discovered by Dave Jong Patchstack in WordPress Plugin LoginPress Pro versions 3.0.0...