| CVE-2022-42884 | WordPress WIP Custom Login Plugin <= 1.2.7 is vulnerable to Broken Access Control | ThemeinProgress | WIP Custom Login | Medium | 5.4 | 2024-01-17 18:17:27 | Deep Dive |
| CVE-2023-6934 | Limit Login Attempts Reloaded <= 2.25.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpchefgadget | Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall | Medium | 6.4 | 2024-01-11 08:32:47 | Deep Dive |
| CVE-2023-51490 | WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure | WPMU DEV | Defender Security – Malware Scanner, Login Security & Firewall | Medium | 5.3 | 2024-01-08 20:17:35 | Deep Dive |
| CVE-2023-52128 | WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF) | WhiteWP | White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard | Medium | 4.3 | 2024-01-05 08:49:17 | Deep Dive |
| CVE-2023-50837 | WordPress Login Lockdown Plugin <= 2.06 is vulnerable to SQL Injection | WebFactory Ltd | Login Lockdown – Protect Login Form | High | 7.6 | 2023-12-29 11:43:49 | Deep Dive |
| CVE-2022-44589 | WordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data Exposure | miniOrange | miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login | High | 8.1 | 2023-12-29 09:40:07 | Deep Dive |
| CVE-2023-50846 | WordPress RegistrationMagic Plugin <= 5.2.4.5 is vulnerable to SQL Injection | RegistrationMagic | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | High | 7.6 | 2023-12-28 18:19:26 | Deep Dive |
| CVE-2023-50858 | WordPress Anti Hacker Plugin <= 4.34 is vulnerable to Cross Site Request Forgery (CSRF) | Bill Minozzi | Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan | Medium | 5.4 | 2023-12-28 10:31:44 | Deep Dive |
| CVE-2023-41648 | WordPress Login and Logout Redirect Plugin <= 2.0.3 is vulnerable to Open Redirection | Swapnil V. Patil | Login and Logout Redirect | Medium | 4.7 | 2023-12-19 19:51:41 | Deep Dive |
| CVE-2023-48773 | WordPress WooCommerce Login Redirect Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF) | WP Doctor | WooCommerce Login Redirect | Medium | 5.4 | 2023-12-18 22:01:21 | Deep Dive |
| CVE-2023-47806 | WordPress Disable User Login Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF) | Saint Systems | Disable User Login | Medium | 5.4 | 2023-12-18 15:45:28 | Deep Dive |
| CVE-2023-5940 | WP Not Login Hide <= 1.0 - Admin+ Stored XSS | Unknown | WP Not Login Hide (WPNLH) | - | - | 2023-12-11 19:22:40 | Deep Dive |
| CVE-2023-6464 | SourceCodester User Registration and Login System add-user.php sql injection | SourceCodester | User Registration and Login System | Medium | 6.3 | 2023-12-02 09:00:08 | Deep Dive |
| CVE-2023-6463 | SourceCodester User Registration and Login System add-user.php cross site scripting | SourceCodester | User Registration and Login System | Low | 3.5 | 2023-12-01 22:31:05 | Deep Dive |
| CVE-2023-6462 | SourceCodester User Registration and Login System delete-user.php cross site scripting | SourceCodester | User Registration and Login System | Low | 3.5 | 2023-12-01 21:31:04 | Deep Dive |
| CVE-2023-44150 | WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure | ProfilePress Membership Team | Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | High | 7.5 | 2023-11-30 14:50:36 | Deep Dive |
| CVE-2023-47645 | WordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | RegistrationMagic | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | Medium | 4.3 | 2023-11-30 13:34:47 | Deep Dive |
| CVE-2023-5525 | Limit Login Attempts Reloaded < 2.25.26 - Admin+ Missing Authorization to Toggle Plugin Auto-Update | Unknown | Limit Login Attempts Reloaded | 低危 | - | 2023-11-27 16:22:07 | Deep Dive |
| CVE-2023-27461 | WordPress When Last Login Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF) | Yoohoo Plugins | When Last Login | Medium | 4.3 | 2023-11-22 13:51:44 | Deep Dive |
| CVE-2023-31075 | WordPress Easy Hide Login Plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF) | Arshid | Easy Hide Login | Medium | 5.4 | 2023-11-18 22:41:18 | Deep Dive |