| CVE-2023-23492 | WordPress Plugin The Login with Phone Number SQL注入漏洞 | - | Login with Phone Number WordPress Plugin | 高危 | - | 2023-01-20 00:00:00 | Deep Dive |
| CVE-2023-23749 | Extension - miniorange - LDAP Integration - LDAP Injection (username) | miniorange | LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login | 高危 | - | 2023-01-17 19:38:22 | Deep Dive |
| CVE-2022-4484 | Super Socializer < 7.13.44 - Contributor+ Stored XSS | Unknown | Social Share, Social Login and Social Comments Plugin | 中危 | - | 2023-01-16 15:38:08 | Deep Dive |
| CVE-2022-4200 | Login with Cognito <= 1.4.8 - Admin+ Stored XSS | Unknown | Login with Cognito | 中危 | - | 2023-01-02 21:49:34 | Deep Dive |
| CVE-2022-3840 | Google Apps Login < 3.4.5 - Admin+ Stored XSS | Unknown | Login for Google Apps | 中危 | - | 2022-12-26 12:28:09 | Deep Dive |
| CVE-2022-4697 | ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 5.5 | 2022-12-23 15:11:46 | Deep Dive |
| CVE-2022-4698 | ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Settings | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 5.5 | 2022-12-23 15:09:51 | Deep Dive |
| CVE-2022-4519 | WP User <= 7.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | walkeprashant | WP User – Custom Registration Forms, Login and User Profile | Medium | 5.5 | 2022-12-15 19:19:18 | Deep Dive |
| CVE-2022-3880 | AntiHacker < 4.20 - Subscriber+ Arbitrary Plugin Installation | Unknown | Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan | 中危 | - | 2022-12-12 17:54:54 | Deep Dive |
| CVE-2022-46683 | Jenkins Google Login Plugin 输入验证错误漏洞 | Jenkins Project | Jenkins Google Login Plugin | 中危 | - | 2022-12-07 00:00:00 | Deep Dive |
| CVE-2022-3383 | Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.2 | 2022-11-29 20:40:10 | Deep Dive |
| CVE-2022-3384 | Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Limited Remote Code Execution via um_populate_dropdown_options | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.2 | 2022-11-29 20:39:57 | Deep Dive |
| CVE-2022-3361 | Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Contributor+) Directory Traversal via Shortcodes | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 4.3 | 2022-11-29 20:39:44 | Deep Dive |
| CVE-2022-1579 | Login Block IPs <= 1.0.0 - IP Spoofing Bypass | Unknown | Login Block IPs | 高危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-41839 | WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability | WPBrigade | LoginPress | Custom Login Page Customizer (WordPress plugin) | Medium | 5.3 | 2022-11-18 21:47:53 | Deep Dive |
| CVE-2022-2350 | Disable User Login <= 1.0.1 - Unauthenticated Settings Update | Unknown | Disable User Login | 中危 | - | 2022-10-10 00:00:00 | Deep Dive |
| CVE-2022-3098 | Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF | Unknown | Login Block IPs | 中危 | - | 2022-09-26 12:35:43 | Deep Dive |
| CVE-2022-2987 | Ldap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth Bypass | Unknown | Ldap WP Login / Active Directory Integration | 高危 | - | 2022-09-26 12:35:36 | Deep Dive |
| CVE-2022-3144 | Wordfence Security – Firewall & Malware Scan <= 7.6.0 - Authenticated (Admin+) Stored Cross-Site Scripting | mmaunder | Wordfence Security – Firewall, Malware Scan, and Login Security | Medium | 4.4 | 2022-09-23 13:54:18 | Deep Dive |
| CVE-2022-2913 | Login No Captcha reCAPTCHA < 1.7 - IP Check Bypass | Unknown | Login No Captcha reCAPTCHA | 中危 | - | 2022-09-16 08:40:39 | Deep Dive |