A5 Custom Login Page - Reflected XSS

A5 Custom Login Page WordPress plugin v2.8.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires a crafted URL or...

WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0 id: CVE-2025-49029 info: name: WordPress Custom Login And Signup Widget Plugin = 1.0 -...

WordPress Simple Custom Login Page plugin <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Nguyen Duong in WordPress Plugin Simple Custom Login Page versions = 1.0.3...

CVE-2026-10100

Technical details are not publicly available in the provided documents. No connected documents with concrete technical details were found. Monitor for updates.

WordPress plugin Simple Custom Login Page 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Fedora 44 : cockpit (2026-ea792bf240)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ea792bf240 advisory. Automatic update for cockpit-360.1-1.fc44. Changelog for cockpit Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes...

CVE-2026-39605

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

EUVD-2026-20236

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-39605

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-39605

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-39605

CVE-2026-39605 concerns the WordPress WordPress Super Custom Login plugin (version

WordPress plugin Super Custom Login 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31170

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

Products.isurlinportal has possible open redirect when using more than 2 forward slashes

Impact A url /login?camefrom=////evil.example may redirect to an external website after login. Standard Plone is not affected, but if you have customised the login, for example with add-ons, you might be affected. You can try the url to check if you are affected or not. Patches The problem has be...

VulnCheck KEV: CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...

CVE-2025-14975 Custom Login Page Customizer < 2.5.4 - Unauthenticated Arbitrary Password Reset

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account...