Feather Login Page Security Vulnerabilities and Issues — Feather Login Page CVE List

Lucene search

FeatherpluginsFeather Login Page

3 matches found

CVE•added 2023/05/31 3:15 a.m.•43 views

CVE-2023-2549

The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated attackers to create a new ...

8.8CVSS8.3AI score0.00099EPSS

CVE•added 2023/05/31 3:15 a.m.•42 views

CVE-2023-2545

The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticated attackers, with subscriber-level permissi...

8.8CVSS8.2AI score0.00099EPSS

CVE•added 2023/05/31 3:15 a.m.•40 views

CVE-2023-2547

The Feather Login Page plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteUser' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticated attackers, with subscriber-level permissions an...

5.4CVSS5.4AI score0.00036EPSS