| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-13119 | ProfilePress < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:06 | Deep Dive |
| CVE-2025-25149 | WordPress Login-box plugin <= 2.0.4 - CSRF to Stored XSS vulnerability | Danillo Nunes | Login-box | High | 7.1 | 2025-02-07 10:11:54 | Deep Dive |
| CVE-2025-1061 | Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider | nextendweb | Nextend Social Login Pro | Critical | 9.8 | 2025-02-07 01:41:10 | Deep Dive |
| CVE-2025-22341 | WordPress Hide Login+ plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability | parswp | Hide Login+ | High | 7.1 | 2025-01-31 08:23:55 | Deep Dive |
| CVE-2024-13530 | Custom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination | zia-imtiaz | Login Page Styler – Custom WordPress Login Page Customizer & Security | Medium | 4.3 | 2025-01-31 07:23:40 | Deep Dive |
| CVE-2024-13226 | A5 Custom Login Page <= 2.8.1 - Reflected XSS | Unknown | A5 Custom Login Page | 中危 | - | 2025-01-31 06:00:17 | Deep Dive |
| CVE-2025-23792 | WordPress Passwordless WP – Login with your glance or fingerprint Plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability | WP Busters | Passwordless WP – Login with your glance or fingerprint | High | 7.1 | 2025-01-27 13:59:49 | Deep Dive |
| CVE-2025-0693 | Issue with AWS Sign-in IAM User Login Flow - Possible Username Enumeration | AWS | AWS Sign-in IAM Login Flow | Medium | 5.3 | 2025-01-23 21:22:26 | Deep Dive |
| CVE-2025-23540 | WordPress WP Front-end login and register plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Mohsin Khan | WP Front-end login and register | High | 7.1 | 2025-01-23 15:20:17 | Deep Dive |
| CVE-2025-23701 | WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability | limesquare | Lime Developer Login | High | 7.1 | 2025-01-22 14:29:20 | Deep Dive |
| CVE-2024-51888 | WordPress Homey Login Register Plugin <= 2.4.0 - Privilege Escalation vulnerability | favethemes | Homey Login Register | Critical | 9.8 | 2025-01-21 13:40:34 | Deep Dive |
| CVE-2024-13230 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.14 - Unauthenticated Limited SQL Injection via 'SuperSocializerKey' | the_champ | Social Share, Social Login and Social Comments Plugin – Super Socializer | Medium | 5.3 | 2025-01-21 11:09:46 | Deep Dive |
| CVE-2025-0308 | Ultimate Member <= 2.9.1 - Unauthenticated SQL Injection | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.5 | 2025-01-18 05:33:50 | Deep Dive |
| CVE-2025-0318 | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 5.3 | 2025-01-18 05:33:49 | Deep Dive |
| CVE-2025-23547 | WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability | shawfactor | LH Login Page | High | 7.1 | 2025-01-16 20:06:21 | Deep Dive |
| CVE-2024-13309 | Login Disable - Critical - Access bypass - SA-CONTRIB-2024-073 | Drupal | Login Disable | 中危 | - | 2025-01-09 20:27:36 | Deep Dive |
| CVE-2024-13280 | Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044 | Drupal | Persistent Login | 中危 | - | 2025-01-09 19:34:03 | Deep Dive |
| CVE-2024-13069 | SourceCodester Multi Role Login System add-user.php cross site scripting | SourceCodester | Multi Role Login System | Low | 3.5 | 2024-12-31 10:38:12 | Deep Dive |
| CVE-2024-12594 | ALL In One Custom Login Page <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege Escalation | zia-imtiaz | Login Page Styler – Custom WordPress Login Page Customizer & Security | High | 8.8 | 2024-12-24 05:23:44 | Deep Dive |
| CVE-2024-54442 | WordPress Better WP Login Page plugin <= 1.1.2 - Stored Cross Site Scripting (XSS) vulnerability | cortesfrau | Better WP Login Page | Medium | 5.9 | 2024-12-16 14:14:16 | Deep Dive |