Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9336
The clean-login plugin prior to 1.5.1 for WordPress has reflected XSS.
Codection Clean Login
5.4
CVSSv3
CVE-2024-24712
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login WordPress allows Stored XSS.This issue affects Heateor Social Login WordPress: from n/a up to and including 1.1.30.
Heateor Social Login
4.8
CVSSv3
CVE-2023-2223
The Login rebuilder WordPress plugin prior to 2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multis...
12net Login Rebuilder
5.4
CVSSv3
CVE-2022-4838
The Clean Login WordPress plugin prior to 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used aga...
Codection Clean Login
6.1
CVSSv3
CVE-2022-46683
Jenkins Google Login Plugin 1.4 up to and including 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
Jenkins Google Login
6.1
CVSSv3
CVE-2023-33591
User Registration & Login and User Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 1.0
4.8
CVSSv3
CVE-2020-24723
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
9.8
CVSSv3
CVE-2020-25952
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote malicious users to execute arbitrary SQL commands and bypass authentication.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
1 Github repository
8.8
CVSSv3
CVE-2023-48773
Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect.This issue affects WooCommerce Login Redirect: from n/a up to and including 2.2.4.
Wpdoctor Woocommerce Login Redirect
4.8
CVSSv3
CVE-2022-4200
The Login with Cognito WordPress plugin up to and including 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exa...
Miniorange Login With Cognito
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »