Lucene search
K

17 matches found

CVE
CVE
added 2026/06/24 5:33 a.m.15 views

CVE-2026-6292

CVE-2026-6292 affects the WordPress plugin MP Customize Login Page (versions ≤ 1.0). The issue is a CSRF vulnerability caused by a broken nonce validation in enter_mpclp_login_options() (inverted wp_verify_nonce() check and missing action parameter) and a settings-update handler hooked on init wi...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12026

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10656

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12022

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00273EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/26 5:47 p.m.16 views

CVE-2025-46477

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/26 5:35 p.m.14 views

CVE-2025-46485

Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.3CVSS7.2AI score0.00273EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.24 views

CVE-2025-46485

Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.3CVSS0.00273EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.13 views

CVE-2025-46477

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:9 p.m.46 views

CVE-2025-46485

CVE-2025-46485 refers to a missing authorization vulnerability in the WordPress plugin “WP Customize Login Page” by Carlo La Pera, affecting versions up to 1.6.5. The available documents consistently describe a broken access control scenario where functionality is accessible without proper ACL co...

5.3CVSS7.2AI score0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 4:9 p.m.7 views

CVE-2025-46477 WordPress WP Customize Login Page plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...

5.9CVSS8.6AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:9 p.m.47 views

CVE-2025-46477

CVE-2025-46477 : WordPress plugin WP Customize Login Page

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/24 12:0 a.m.5 views

WordPress plugin WP Customize Login Page 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.1AI score0.00225EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.7 views

PT-2025-17798 · WordPress · Carlo La Pera Wp Customize Login Page

Name of the Vulnerable Software and Affected Versions: Carlo La Pera WP Customize Login Page versions 1.6.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. This mean...

5.3CVSS6AI score0.00273EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/11 5:56 p.m.5 views

CVE-2025-31034

Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...

4.3CVSS7.2AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 5:15 p.m.5 views

CVE-2025-31034

Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...

4.3CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:10 p.m.3 views

CVE-2025-31034 WordPress Customize Login Page plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...

4.3CVSS7.3AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.3 views

WordPress plugin Customize Login Page 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS5.8AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder