Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46202
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration plugin <= 1.9.6 versions.
Auto Login New User After Registration Project Auto Login New User After Registration
7.5
CVSSv2
CVE-2020-25952
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote malicious users to execute arbitrary SQL commands and bypass authentication.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
1 Github repository
NA
CVE-2023-33591
User Registration & Login and User Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 1.0
3.5
CVSSv2
CVE-2020-24723
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
NA
CVE-2023-2223
The Login rebuilder WordPress plugin prior to 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multis...
12net Login Rebuilder
NA
CVE-2022-46683
Jenkins Google Login Plugin 1.4 up to and including 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
Jenkins Google Login
10
CVSSv2
CVE-2007-1766
PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the root parameter.
Msxstudios Advanced Login
1 EDB exploit
7.5
CVSSv2
CVE-2007-4342
PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVE...
Phpcentral Login 1.0
NA
CVE-2022-4838
The Clean Login WordPress plugin prior to 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used aga...
Codection Clean Login
4.3
CVSSv2
CVE-2017-18501
The social-login-bws plugin prior to 0.2 for WordPress has multiple XSS issues.
Bestwebsoft Social Login
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »