Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-36710
The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated malicious users to brute force credentials on sites in versions up to, and including, 1.5.4.2.
Wpserveur Wps Hide Login
3.5
CVSSv2
CVE-2022-1029
The Limit Login Attempts WordPress plugin prior to 4.0.72 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for...
Miniorange Limit Login Attempts
7.5
CVSSv2
CVE-2019-15823
The wps-hide-login plugin prior to 1.5.3 for WordPress has an action=confirmaction protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15824
The wps-hide-login plugin prior to 1.5.3 for WordPress has an adminhash protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15825
The wps-hide-login plugin prior to 1.5.3 for WordPress has an action=rp&key&login protection bypass.
Wpserveur Wps Hide Login
7.5
CVSSv2
CVE-2019-15826
The wps-hide-login plugin prior to 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field.
Wpserveur Wps Hide Login
NA
CVE-2023-34172
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions.
Miled Wordpress Social Login
4.3
CVSSv2
CVE-2008-5854
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these...
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2023-47182
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.
Nazmulhossainnihal Login Screen Manager
NA
CVE-2023-48773
Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect.This issue affects WooCommerce Login Redirect: from n/a up to and including 2.2.4.
Wpdoctor Woocommerce Login Redirect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »