Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2025/11/06 4:15 p.m.1 views

CVE-2025-58595

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

9.1CVSS0.00068EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/11/06 3:54 p.m.4 views

CVE-2025-58595 WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

5.3CVSS0.00068EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/11/06 12:0 a.m.2 views

PT-2025-45243

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

6.9AI score0.00068EPSS
Exploits0References2
Prion
Prionadded 2023/08/21 5:15 p.m.9 views

Design/Logic Flaw

The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered...

5CVSS7.5AI score0.00262EPSS
Exploits2References1Affected Software1
CVE
CVEadded 2023/08/21 12:29 p.m.45 views

CVE-2023-3604

CVE-2023-3604 affects the Change WP Admin Login WordPress plugin prior to version 1.1.4. The vulnerability arises from disclosing the URL of the hidden login page when a crafted URL is accessed, bypassing the plugin’s protection mechanism. Impact, as stated in multiple sources, is that an unauthe...

7.5CVSS7.5AI score0.00262EPSS
Exploits2References1Affected Software1
Patchstack
Patchstackadded 2023/08/01 12:0 a.m.8 views

WordPress Change wp-admin login Plugin < 1.1.4 is vulnerable to Bypass Vulnerability

Software Change wp-admin login Type Plugin Vulnerable versions 1.1.4 Fixed in 1.1.4 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-3604 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID f402f5411a8e Credits Muhamad Arsyad...

7.5CVSS6.8AI score0.00262EPSS
Exploits2References3Affected Software1
NVD
NVDadded 2022/05/30 9:15 a.m.9 views

CVE-2022-1589

The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector...

7.5CVSS0.00295EPSS
Exploits2References1
ATTACKERKB
ATTACKERKBadded 2022/05/30 9:15 a.m.2 views

CVE-2022-1589

The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector...

7.5CVSS7.1AI score0.00295EPSS
Exploits2References2
CVE
CVEadded 2022/05/30 8:36 a.m.83 views

CVE-2022-1589

CVE-2022-1589 affects the WordPress plugin “Change wp-admin login” prior to version 1.1.0. The issue arises from insufficient authorization checks and missing CSRF protection when updating settings, enabling unauthenticated users to modify settings via CSRF vectors. Documented impact is unauthent...

7.5CVSS7.5AI score0.00295EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder