Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-46683
Jenkins Google Login Plugin 1.4 up to and including 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
Jenkins Google Login
5.4
CVSSv3
CVE-2024-24712
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login WordPress allows Stored XSS.This issue affects Heateor Social Login WordPress: from n/a up to and including 1.1.30.
Heateor Social Login
7.5
CVSSv3
CVE-2023-41936
Jenkins Google Login Plugin 1.7 and previous versions uses a non-constant time comparison function when checking whether the provided and expected token are equal, potentially allowing malicious users to use statistical methods to obtain a valid token.
Jenkins Google Login
6.1
CVSSv3
CVE-2015-9336
The clean-login plugin prior to 1.5.1 for WordPress has reflected XSS.
Codection Clean Login
6.1
CVSSv3
CVE-2018-1000174
An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows malicious users to redirect users to an arbitrary URL after successful login.
Jenkins Google Login
9.8
CVSSv3
CVE-2020-25952
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote malicious users to execute arbitrary SQL commands and bypass authentication.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
1 Github repository
4.8
CVSSv3
CVE-2020-24723
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 2.1
6.1
CVSSv3
CVE-2023-33591
User Registration & Login and User Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php.
User Registration \\& Login And User Management System Project User Registration \\& Login And User Management System 1.0
8.8
CVSSv3
CVE-2023-47806
Cross-Site Request Forgery (CSRF) vulnerability in Saint Systems Disable User Login.This issue affects Disable User Login: from n/a up to and including 1.3.7.
Saintsystems Disable User Login
6.5
CVSSv3
CVE-2017-8875
CSRF in the Clean Login plugin prior to 1.8 for WordPress allows remote malicious users to change the login redirect URL or logout redirect URL.
Codection Clean Login 1.7.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »