Lucene search
K

37 matches found

Patchstack
Patchstack
added 2026/06/22 8:54 a.m.8 views

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability

WordPress Branda - White Label & Branding, Free Login Page Customizer plugin = 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin Branda versions = 3.4.29...

9.8CVSS5.8AI score0.00625EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/01/29 6:0 a.m.4 views

EUVD-2025-206542

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

8.1CVSS5.9AI score0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/29 6:0 a.m.3 views

CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

5.9AI score0.00306EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.6 views

PT-2026-5248

Name of the Vulnerable Software and Affected Versions Custom Login Page Customizer WordPress plugin versions prior to 2.5.4 Description The software does not have a secure password reset process. Unauthenticated users can reset the password of any user, including administrators, by knowing their...

8.1CVSS5.9AI score0.00306EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/18 9:30 a.m.3 views

EUVD-2025-204230

Missing Authorization vulnerability in A WP Life Login Page Customizer Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer Customizer Login Page, Admin Page, Custom...

6.5CVSS6.2AI score0.00242EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 8:15 a.m.6 views

CVE-2025-49902

Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Admin Page,...

6.5CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.26 views

CVE-2025-49902 WordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Admin Page,...

6.5CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.3 views

CVE-2025-49902 WordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in A WP Life Login Page Customizer Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer Customizer Login Page, Admin Page, Custom...

6.5CVSS6.3AI score0.00242EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/12/18 7:21 a.m.6 views

CVE-2025-49902

Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Admin Page,...

6.5CVSS5.1AI score0.00242EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin Login Page Customizer – Customizer Login Page, Admin Page, Custom Design 安全漏洞

...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.5 views

CVE-2025-66528

Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through = 1.1.8...

4.3CVSS6.7AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202144

Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through = 1.1.8...

6.2AI score0.00197EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/09 2:13 p.m.1 views

CVE-2025-66528 WordPress Thank You Page Customizer for WooCommerce plugin <= 1.1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through = 1.1.8...

6.3AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:13 p.m.8 views

CVE-2025-66528

CVE-2025-66528 refers to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin "Thank You Page Customizer for WooCommerce" (woo-thank-you-page-customizer), affecting versions

4.3CVSS6.3AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:13 p.m.20 views

CVE-2025-66528 WordPress Thank You Page Customizer for WooCommerce plugin <= 1.1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through = 1.1.8...

4.3CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2022-49594

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00256EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24740

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-49592

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

WordPress plugin Thank You Page Customizer for WooCommerce security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS5.8AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/11 3:33 a.m.16 views

CVE-2024-6554 Branda – White Label WordPress, Custom Login Page Customizer <= 3.4.18 - Unauthenticated Full Path Disclosure

The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.18. This is due the plugin utilizing composer without preventing direct access to the files. This makes it possible for...

5.3CVSS6.6AI score0.00452EPSS
Exploits0References3
Rows per page
Query Builder