Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-1893
The Login Configurator WordPress plugin up to and including 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators.
Login Configurator Project Login Configurator
NA
CVE-2010-2945
The default configuration of SLiM prior to 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp.
Simone Rota Slim Simple Login Manager 1.2.1
Simone Rota Slim Simple Login Manager 1.2.0
Simone Rota Slim Simple Login Manager 1.1.0
Simone Rota Slim Simple Login Manager 1.0.0
Simone Rota Slim Simple Login Manager 1.2.5
Simone Rota Slim Simple Login Manager 1.2.3
Simone Rota Slim Simple Login Manager 1.3.0
Simone Rota Slim Simple Login Manager 1.2.6
Simone Rota Slim Simple Login Manager 1.2.4
Simone Rota Slim Simple Login Manager 1.2.2
Simone Rota Slim Simple Login Manager
7.8
CVSSv3
CVE-2014-5000
The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.
Lawn-login Project Lawn-login 0.0.7
7.8
CVSSv3
CVE-2017-20066
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public an...
Adminer Login Project Adminer Login 1.4.4
9.8
CVSSv3
CVE-2016-15031
A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injec...
Php-login Project Php-login 1.0
6.5
CVSSv3
CVE-2022-1732
The Rename wp-login.php WordPress plugin up to and including 2.6.0 does not have CSRF check in place when updating the secret login URL, which could allow malicious users to make a logged in admin change them via a CSRF attack
Rename Wp-login Project Rename Wp-login
8.8
CVSSv3
CVE-2021-24804
The Simple JWT Login WordPress plugin prior to 3.2.1 does not have nonce checks when saving its settings, allowing malicious users to make a logged in admin changed them. Settings such as HMAC verification secret, account registering and default user roles can be updated, which c...
Simple Jwt Login Project Simple Jwt Login
6.1
CVSSv3
CVE-2021-24536
The Custom Login Redirect WordPress plugin up to and including 1.0.0 does not have CSRF check in place when saving its settings, and do not sanitise or escape user input before outputting them back in the page, leading to a Stored Cross-Site Scripting issue
Custom Login Redirect Project Custom Login Redirect
NA
CVE-2014-4576
Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the xhrurl parameter.
Wordpress Social Login Project Wordpress Social Login
4.8
CVSSv3
CVE-2023-5243
The Login Screen Manager WordPress plugin up to and including 3.5.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for e...
Login Screen Manager Project Login Screen Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »