Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1434
login_ldap 3.1 and 3.2 allows remote malicious users to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no D...
Pete Werner Login Ldap 3.1
Pete Werner Login Ldap 3.2
9.8
CVSSv3
CVE-2017-20127
A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may b...
Kb Login Authentication Script Project Kb Login Authentication Script 1.1
4.8
CVSSv3
CVE-2021-24658
The Erident Custom Login and Dashboard WordPress plugin prior to 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is disabled)
Erident Custom Login And Dashboard Project Erident Custom Login And Dashboard
8.8
CVSSv3
CVE-2022-47138
Cross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin <= 2.1 versions.
Login And Registration Attempts Limit Project Login And Registration Attempts Limit
6.1
CVSSv3
CVE-2019-15820
The login-or-logout-menu-item plugin prior to 1.2.0 for WordPress has no requirement for lolmi_save_settings authentication.
Login Or Logout Menu Item Project Login Or Logout Menu Item
8.8
CVSSv3
CVE-2015-9322
The erident-custom-login-and-dashboard plugin prior to 3.5 for WordPress has CSRF.
Erident Custom Login And Dashboard Project Erident Custom Login And Dashboard
NA
CVE-2006-7078
Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) vorname, and (3) nachname parameters in the register script. NOTE: some det...
Professional Home Page Tools Login Script Professional Home Page Tools Login Script
6.1
CVSSv3
CVE-2023-46201
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a up to and including 1.9.6.
Auto Login New User After Registration Project Auto Login New User After Registration
8.8
CVSSv3
CVE-2023-46202
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration plugin <= 1.9.6 versions.
Auto Login New User After Registration Project Auto Login New User After Registration
7.5
CVSSv3
CVE-2022-2987
The Ldap WP Login / Active Directory Integration WordPress plugin prior to 3.0.2 does not have any authorisation and CSRF checks when updating it's settings (which are hooked to the init action), allowing unauthenticated malicious users to update them. Attackers could set th...
Ldap Wp Login \\/ Active Directory Integration Project Ldap Wp Login \\/ Active Directory Integration
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »