17 matches found
CVE-2026-6292
CVE-2026-6292 affects the WordPress plugin MP Customize Login Page (versions ≤ 1.0). The issue is a CSRF vulnerability caused by a broken nonce validation in enter_mpclp_login_options() (inverted wp_verify_nonce() check and missing action parameter) and a settings-update handler hooked on init wi...
EUVD-2025-12026
Malicious code in bioql PyPI...
EUVD-2025-10656
Malicious code in bioql PyPI...
EUVD-2025-12022
Malicious code in bioql PyPI...
CVE-2025-46477
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...
CVE-2025-46485
Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...
CVE-2025-46485
Missing Authorization vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Customize Login Page: from n/a through = 1.6.5...
CVE-2025-46477
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...
CVE-2025-46485
CVE-2025-46485 refers to a missing authorization vulnerability in the WordPress plugin “WP Customize Login Page” by Carlo La Pera, affecting versions up to 1.6.5. The available documents consistently describe a broken access control scenario where functionality is accessible without proper ACL co...
CVE-2025-46477 WordPress WP Customize Login Page plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Carlo La Pera WP Customize Login Page wp-customize-login-page allows Stored XSS.This issue affects WP Customize Login Page: from n/a through = 1.6.5...
CVE-2025-46477
CVE-2025-46477 : WordPress plugin WP Customize Login Page
WordPress plugin WP Customize Login Page 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-17798 · WordPress · Carlo La Pera Wp Customize Login Page
Name of the Vulnerable Software and Affected Versions: Carlo La Pera WP Customize Login Page versions 1.6.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. This mean...
CVE-2025-31034
Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...
CVE-2025-31034
Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...
CVE-2025-31034 WordPress Customize Login Page plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in AboZain Albanna Customize Login Page customize-login-page allows Cross Site Request Forgery.This issue affects Customize Login Page: from n/a through = 1.1...
WordPress plugin Customize Login Page 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...