WordPress Custom Login And Signup Widget Plugin <= 1.0 - Arbitrary Code Execution

Improper Control of Generation of Code 'Code Injection' vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0 id: CVE-2025-49029 info: name: WordPress Custom Login And Signup Widget Plugin = 1.0 -...

CVE-2025-39363 WordPress Custom Login and Registration <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Stored XSS.This issue affects Custom Login and Registration: from n/a through 1.0.0...

CVE-2025-46535 WordPress Custom Login and Registration plugin <= 1.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0...

CVE-2023-49858 WordPress Custom Login plugin <= 4.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Austin Custom Login custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through = 4.1.0...

WordPress Custom Login Plugin <= 4.1.0 is vulnerable to Broken Access Control

Software Custom Login Type Plugin Vulnerable versions = 4.1.0 Fixed in 4.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-49858 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 0dfaac0266be Credits Abdi Pranata Required...

WordPress Custom Login Page Customizer Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Custom Login Page Customizer Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 73bc975e043e Credits Rafie Muhammad...

WordPress Custom Login Page Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software Custom Login Page Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-26012 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0c6af91b5f42 Credits Mahesh Nagabhairava...

WordPress Custom Login Page Customizer plugin <= 2.1.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Custom Login Page Customizer plugin versions = 2.1.7. Solution Update the WordPress Custom Login Page Customizer Plugin for WooCommerce plugin to the latest available version at least 2.1.8...