80 matches found
CVE-2022-0347
The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
EUVD-2019-6782
Malware in sbrugna...
EUVD-2019-6783
Malware in sbrugna...
EUVD-2025-21859
Malicious code in bioql PyPI...
EUVD-2024-30464
Malicious code in bioql PyPI...
EUVD-2022-45006
Malicious code in bioql PyPI...
EUVD-2024-30463
Malicious code in bioql PyPI...
EUVD-2022-15507
Malicious code in bioql PyPI...
CVE-2025-7444
The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing...
CVE-2025-7444
The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing...
CVE-2025-7444
CVE-2025-7444 affects LoginPress Pro for WordPress. Versions up to and including 5.0.1 suffer an authentication bypass due to insufficient verification of the user returned by the social login token, enabling unauthenticated attackers to log in as any existing user (e.g., administrator) if they h...
CVE-2025-7444 LoginPress Pro <= 5.0.1 - Authentication Bypass via WordPress.com OAuth provider
The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing...
CVE-2025-7444 LoginPress Pro <= 5.0.1 - Authentication Bypass via WordPress.com OAuth provider
The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing...
WordPress LoginPress Pro plugin <= 5.0.1 - Authentication Bypass via WordPress.com OAuth provider vulnerability
Authentication Bypass via WordPress.com OAuth provider vulnerability discovered by Foxyyy in WordPress Plugin LoginPress Pro versions = 5.0.1...
PT-2025-30019 · WordPress · Loginpress Pro
Name of the Vulnerable Software and Affected Versions: LoginPress Pro versions prior to 5.0.1 Description: The LoginPress Pro plugin for WordPress is susceptible to authentication bypass in all versions up to and including 5.0.1. This issue stems from inadequate verification of the user returned ...
WordPress plugin LoginPress Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-32677
Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2024-32676
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0...
CVE-2019-15871
The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings...
CVE-2019-15872
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings...