Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2025-9887	Custom Login And Signup Widget <= 1.0 - Cross-Site Request Forgery	bittokazi	Custom Login And Signup Widget	Medium	4.3	2025-09-20 06:43:20	Deep Dive
CVE-2025-9085	User Registration & Membership <= 4.3.0 - Authenticated (Admin+) SQL Injection	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	4.9	2025-09-06 02:24:18	Deep Dive
CVE-2025-6831	User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	6.4	2025-07-22 01:44:28	Deep Dive
CVE-2025-49029	WordPress Custom Login And Signup Widget plugin <= 1.0 - Arbitrary Code Execution vulnerability	bitto.kazi	Custom Login And Signup Widget	Critical	9.1	2025-07-01 13:27:47	Deep Dive
CVE-2025-3281	User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.2.1 - Insecure Direct Object Reference to Unauthenticated Limited User Deletion	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	5.3	2025-05-06 07:24:22	Deep Dive
CVE-2025-39363	WordPress Custom Login and Registration <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability	AlphaEfficiencyTeam	Custom Login and Registration	Medium	6.5	2025-05-05 06:10:51	Deep Dive
CVE-2025-46535	WordPress Custom Login and Registration plugin <= 1.0.0 - Broken Access Control vulnerability	AlphaEfficiencyTeam	Custom Login and Registration	Medium	5.4	2025-04-25 08:05:57	Deep Dive
CVE-2025-3284	User Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion	WPEverest	User Registration PRO – Custom Registration Form, Login Form, and User Profile WordPress Plugin	Medium	4.3	2025-04-19 02:22:33	Deep Dive
CVE-2025-3282	User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Unauthenticated Membership Modification	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	5.3	2025-04-12 06:37:18	Deep Dive
CVE-2025-3292	User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.1.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Password Update	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	4.3	2025-04-12 06:37:17	Deep Dive
CVE-2025-2836	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting	metagauss	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login	Medium	6.4	2025-04-04 05:22:45	Deep Dive
CVE-2025-31769	WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability	NiteoThemes	CLP – Custom Login Page by NiteoThemes	Medium	4.3	2025-04-01 14:51:19	Deep Dive
CVE-2025-30822	WordPress Custom Login Logo Plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerability	Hakik Zaman	Custom Login Logo	Medium	4.3	2025-03-27 10:55:09	Deep Dive
CVE-2025-1764	LoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options Update	hiddenpearls	LoginPress \| wp-login Custom Login Page Customizer	High	7.5	2025-03-14 05:24:02	Deep Dive
CVE-2025-1511	User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Medium	6.1	2025-02-28 05:23:14	Deep Dive
CVE-2024-13530	Custom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session Termination	zia-imtiaz	Login Page Styler – Custom WordPress Login Page Customizer & Security	Medium	4.3	2025-01-31 07:23:40	Deep Dive
CVE-2024-13226	A5 Custom Login Page <= 2.8.1 - Reflected XSS	Unknown	A5 Custom Login Page	中危	-	2025-01-31 06:00:17	Deep Dive
CVE-2024-12594	ALL In One Custom Login Page <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege Escalation	zia-imtiaz	Login Page Styler – Custom WordPress Login Page Customizer & Security	High	8.8	2024-12-24 05:23:44	Deep Dive
CVE-2023-49858	WordPress Custom Login plugin <= 4.1.0 - Broken Access Control vulnerability	Austin	Custom Login	中危	-	2024-12-09 11:30:06	Deep Dive
CVE-2024-9371	Branda – White Label & Branding, Custom Login Page Customizer <= 3.4.19 - Reflected Cross-Site Scripting	wpmudev	Branda – White Label & Branding, Free Login Page Customizer	Medium	6.1	2024-11-21 04:24:27	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List