| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-0598 | Login with phone number < 1.3.8 - Multiple Admin+ Stored XSS | Unknown | Login with phone number | 中危 | - | 2022-08-01 12:47:18 | Deep Dive |
| CVE-2017-20127 | KB Login Authentication Script sql injection | unspecified | KB Login Authentication Script | High | 7.3 | 2022-07-13 17:55:18 | Deep Dive |
| CVE-2022-1732 | Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF | Unknown | Rename wp-login.php | 中危 | - | 2022-07-11 12:56:10 | Deep Dive |
| CVE-2015-5298 | Jenkins Plugin Google Login 授权问题漏洞 | - | Jenkins Google Login Plugin | 中危 | - | 2022-07-07 18:35:40 | Deep Dive |
| CVE-2022-23725 | PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances | Ping Identity | PingID Windows Login | High | 7.7 | 2022-06-30 19:25:46 | Deep Dive |
| CVE-2022-23720 | PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file | Ping Identity | PingID Windows Login | High | 7.5 | 2022-06-30 19:25:41 | Deep Dive |
| CVE-2022-23719 | PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests | Ping Identity | PingID Windows Login | High | 7.2 | 2022-06-30 19:25:35 | Deep Dive |
| CVE-2022-23718 | PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution | Ping Identity | PingID Windows Login | High | 7.6 | 2022-06-30 19:25:30 | Deep Dive |
| CVE-2022-23717 | PingID Windows Login prior to 2.8 denial of service condition | Ping Identity | PingID Windows Login | Medium | 5.0 | 2022-06-30 19:25:27 | Deep Dive |
| CVE-2021-41995 | PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks | Ping Identity | PingID Mac Login | High | 7.7 | 2022-06-30 19:25:23 | Deep Dive |
| CVE-2017-20098 | Admin Custom Login Plugin Persistent cross site scripting | unspecified | Admin Custom Login Plugin | Low | 3.5 | 2022-06-27 18:11:08 | Deep Dive |
| CVE-2022-1994 | Google Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting | Unknown | Login With OTP Over SMS, Email, WhatsApp and Google Authenticator | 中危 | - | 2022-06-27 08:59:16 | Deep Dive |
| CVE-2022-1321 | miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting | Unknown | miniOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login | 中危 | - | 2022-06-27 08:56:28 | Deep Dive |
| CVE-2022-1029 | Limit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting | Unknown | Limit Login Attempts | 中危 | - | 2022-06-27 08:56:11 | Deep Dive |
| CVE-2022-1028 | WordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting | Unknown | WordPress Security – Firewall, Malware Scanner, Secure Login and Backup | 中危 | - | 2022-06-27 08:56:06 | Deep Dive |
| CVE-2022-1010 | Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting | Unknown | Login using WordPress Users ( WP as SAML IDP ) | 中危 | - | 2022-06-27 08:55:59 | Deep Dive |
| CVE-2017-20066 | Adminer Login access control | unspecified | Adminer Login | Medium | 5.3 | 2022-06-20 20:10:19 | Deep Dive |
| CVE-2017-20056 | weblizar User Login Log Plugin Stored cross site scriting | weblizar | User Login Log Plugin | Low | 3.5 | 2022-06-16 12:20:24 | Deep Dive |
| CVE-2022-1208 | Ultimate Member <= 2.3.2 - Stored Cross-Site Scripting | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 6.4 | 2022-06-13 12:43:38 | Deep Dive |
| CVE-2022-1589 | Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update | Unknown | Change wp-admin login | 高危 | - | 2022-05-30 08:36:04 | Deep Dive |