| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-43409 | WPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site Scripting | wpo365.com | WordPress + Microsoft Office 365 / Azure AD | LOGIN | Critical | 9.3 | 2021-11-19 15:39:01 | Deep Dive |
| CVE-2021-24804 | Simple JWT Login < 3.2.1 - Arbitrary Settings Update to Site Takeover via CSRF | Unknown | Simple JWT Login – Login and Register to WordPress using JWT | 高危 | - | 2021-11-17 10:15:43 | Deep Dive |
| CVE-2021-24654 | User Registration < 2.0.2 - Low Privilege Stored Cross-Site Scripting | Unknown | User Registration – Custom Registration Form, Login And User Profile For WordPress | 中危 | - | 2021-10-04 11:20:17 | Deep Dive |
| CVE-2021-24657 | Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting | Unknown | Limit Login Attempts | 中危 | - | 2021-09-20 10:06:48 | Deep Dive |
| CVE-2021-24658 | Erident Custom Login and Dashboard < 3.5.9 - Authenticated Stored Cross-Site Scripting (XSS) | Libin V Babu | Erident Custom Login and Dashboard | 中危 | - | 2021-08-23 11:10:20 | Deep Dive |
| CVE-2021-24536 | Custom Login Redirect <= 1.0.0 - CSRF to Stored XSS | Unknown | Custom Login Redirect | 中危 | - | 2021-08-16 10:48:30 | Deep Dive |
| CVE-2021-24522 | ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget | Unknown | User Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar) | 中危 | - | 2021-08-09 10:04:15 | Deep Dive |
| CVE-2021-34628 | Admin Custom Login <= 3.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting | Weblizar | Admin Custom Login | High | 8.8 | 2021-08-02 20:39:16 | Deep Dive |
| CVE-2021-24450 | ProfilePress < 3.1.8 - Authenticated Stored XSS | Unknown | User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) | 中危 | - | 2021-08-02 10:32:00 | Deep Dive |
| CVE-2021-24328 | WP Login Security and History <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS) | Unknown | WP Login Security and History | 中危 | - | 2021-06-01 11:33:31 | Deep Dive |
| CVE-2021-24306 | Ultimate Member < 2.1.20 - Authenticated Reflected Cross-Site Scripting (XSS) | Ultimate Member | Ultimate Member – User Profile, User Registration, Login & Membership Plugin | 中危 | - | 2021-05-24 10:58:05 | Deep Dive |
| CVE-2021-24189 | Captchinoo, Google recaptcha for admin login page < 2.4 - Arbitrary Plugin Installation/Activation via Low Privilege User | wp-buy | Captchinoo, Google recaptcha for admin login page | 高危 | - | 2021-05-14 11:38:16 | Deep Dive |
| CVE-2021-24194 | Login Protection - Limit Failed Login Attempts < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User | wp-buy | Login Protection – Limit Failed Login Attempts | 高危 | - | 2021-05-14 11:38:16 | Deep Dive |
| CVE-2021-24195 | Login as User or Customer (User Switching) < 1.9 - Arbitrary Plugin Installation/Activation via Low Privilege User | wp-buy | Login as User or Customer (User Switching) | 高危 | - | 2021-05-14 11:38:16 | Deep Dive |
| CVE-2021-24239 | Pie Register < 3.7.0.1 - Reflected Cross-Site Scripting (XSS) | Unknown | Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments | 中危 | - | 2021-04-22 21:00:51 | Deep Dive |
| CVE-2013-1053 | Insecure crypto for storing passwords | Canonical | remote-login-service | Medium | 5.5 | 2021-01-13 23:00:17 | Deep Dive |
| CVE-2020-15164 | Authentication Bypass in Scratch Login (mediawiki-scratch-login) | InternationalScratchWiki | mediawiki-scratch-login | Critical | 10.0 | 2020-08-28 17:05:13 | Deep Dive |
| CVE-2013-2198 | Login Security 安全漏洞 | Login Security | Login Security | 超危 | - | 2020-01-30 20:35:21 | Deep Dive |
| CVE-2017-17029 | QNAP QTS 缓冲区错误漏洞 | QNAP | QTS Login function | 超危 | - | 2017-12-21 15:00:00 | Deep Dive |
| CVE-2017-17030 | QNAP QTS 缓冲区错误漏洞 | QNAP | QTS Login function | 超危 | - | 2017-12-21 15:00:00 | Deep Dive |