Zm Ajax Login & Register Security Vulnerabilities and Issues — Zm Ajax Login & Register CVE List

Lucene search

ZanematthewZm Ajax Login & Register

3 matches found

CVE•added 2015/06/10 6:59 p.m.•51 views

CVE-2015-4153

Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php.

5CVSS9.4AI score0.4589EPSS

CVE•added 2023/04/15 8:15 a.m.•41 views

CVE-2023-2027

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to l...

9.8CVSS9.5AI score0.00252EPSS

CVE•added 2015/06/10 6:59 p.m.•35 views

CVE-2015-4465

Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.9AI score0.00324EPSS