Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 500 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-13604 Login Security, FireWall, Malware removal by CleanTalk <= 2.168 - Unauthenticated Stored Cross-Site Scripting via Page URL cleantalkLogin Security, FireWall, Malware removal by CleanTalk High 7.2 2025-12-09 04:36:25 Deep Dive
CVE-2025-13620 Wp Social Login and Register Social Counter <= 3.1.3 - Missing Authorization in Cache REST Endpoints to Social Counter Tampering roxnorWp Social Login and Register Social Counter Medium 5.3 2025-12-05 10:57:56 Deep Dive
CVE-2025-13737 Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login nextendwebNextend Social Login and Register Medium 4.3 2025-11-28 03:27:06 Deep Dive
CVE-2025-12822 WP Login and Register using JWT <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key Exposure cyberlord92WP Login and Register using JWT Medium 4.3 2025-11-19 05:45:15 Deep Dive
CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update larsactionheroWP Custom Admin Login Page Logo Medium 4.3 2025-11-11 03:30:41 Deep Dive
CVE-2025-58595 WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability Saad IqbalAll In One Login 中危 -2025-11-06 15:54:22 Deep Dive
CVE-2025-49946 WordPress Auto Login After Registration plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability Cynob IT ConsultancyAuto Login After Registration--2025-10-22 14:32:18 Deep Dive
CVE-2025-48093 WordPress Password only login plugin <= 0.2 - Reflected Cross Site Scripting (XSS) vulnerability CalvawebPassword only login--2025-10-22 14:32:06 Deep Dive
CVE-2017-20208 RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login Critical 9.8 2025-10-18 03:33:25 Deep Dive
CVE-2025-11196 External Login <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test Connection tbenyonExternal Login Medium 4.3 2025-10-15 08:26:02 Deep Dive
CVE-2025-10294 OwnID Passwordless Login <= 1.3.4 - Authentication Bypass victornavarroOwnID Passwordless Login Critical 9.8 2025-10-15 08:26:01 Deep Dive
CVE-2025-10140 Quick Social Login <= 1.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting andreiignaQuick Social Login Medium 6.4 2025-10-15 08:26:00 Deep Dive
CVE-2025-10299 WPBifröst – Instant Passwordless Temporary Login Links <= 1.0.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation hakikBifröst – Instant Passwordless Temporary Login Links High 8.8 2025-10-15 08:25:55 Deep Dive
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log tbenyonExternal Login High 7.5 2025-10-15 08:25:55 Deep Dive
CVE-2025-10648 Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' cyberlord92Login with YourMembership – YM SSO Login Medium 5.3 2025-10-15 08:25:51 Deep Dive
CVE-2025-11167 CM Registration – Tailored tool for seamless login and invitation-based registrations <= 2.5.6 - Open Redirect creativemindssolutionsCM Registration – Tailored tool for seamless login and invitation-based registrations Medium 4.7 2025-10-11 08:29:17 Deep Dive
CVE-2025-8093 Authenticator Login - Moderately critical - Access bypass - SA-CONTRIB-2025-098 DrupalAuthenticator Login--2025-10-10 22:23:58 Deep Dive
CVE-2025-11204 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection metagaussRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login High 7.2 2025-10-08 04:23:40 Deep Dive
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability Jeff FarthingTheme My Login Medium 6.5 2025-09-26 08:31:20 Deep Dive
CVE-2025-58960 WordPress IP Based Login Plugin <= 2.4.3 - Cross Site Scripting (XSS) Vulnerability brijeshk89IP Based Login Medium 5.9 2025-09-22 18:26:13 Deep Dive