| CVE-2025-2050 | PHPGurukul User Registration & Login and User Management System login.php sql injection | PHPGurukul | User Registration & Login and User Management System | High | 7.3 | 2025-03-06 23:31:06 | Deep Dive |
| CVE-2024-13147 | SQLi in Merkur Software's B2B Login Panel | Merkur Software | B2B Login Panel | Critical | 9.8 | 2025-03-05 14:06:04 | Deep Dive |
| CVE-2024-11951 | Homey Login Register <= 2.4.0 - Unauthenticated Privilege Escalation in homey_register | Fave Themes | Homey Login Register | Critical | 9.8 | 2025-03-05 11:22:10 | Deep Dive |
| CVE-2025-1702 | Ultimate Member <= 2.10.0 - Unauthenticated SQL Injection via search Parameter | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.5 | 2025-03-05 11:22:09 | Deep Dive |
| CVE-2025-27269 | WordPress .htaccess Login block Plugin <= 0.9a - Reflected Cross Site Scripting (XSS) vulnerability | Anton Aleksandrov | .htaccess Login block | High | 7.1 | 2025-03-03 13:30:30 | Deep Dive |
| CVE-2025-23716 | WordPress Login Watchdog plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | JkmAS | Login Watchdog | High | 7.1 | 2025-03-03 13:30:16 | Deep Dive |
| CVE-2025-23587 | WordPress all-in-one-box-login plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability | Ashek Al Mahmud | all-in-one-box-login | High | 7.1 | 2025-03-03 13:30:14 | Deep Dive |
| CVE-2025-23505 | WordPress Pit Login Welcome plugin <= 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability | Pantho Bihosh | Pit Login Welcome | High | 7.1 | 2025-03-03 13:30:08 | Deep Dive |
| CVE-2025-1506 | Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update | roxnor | Wp Social Login and Register Social Counter | Medium | 4.3 | 2025-02-28 05:23:16 | Deep Dive |
| CVE-2025-1511 | User Registration & Membership – Custom Registration Form, Login Form, and User Profile <= 4.0.4 - Reflected Cross-Site Scripting | wpeverest | User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | Medium | 6.1 | 2025-02-28 05:23:14 | Deep Dive |
| CVE-2024-13148 | SQLi in Yukseloglu Filter's B2B Login Platform | Yukseloglu Filter | B2B Login Platform | Critical | 9.8 | 2025-02-27 14:22:58 | Deep Dive |
| CVE-2025-1717 | Login Me Now <= 1.7.2 - Authentication Bypass | pluginly | Login Me Now – Passwordless, Magic Link, OTP & Social Login for WordPress | High | 8.1 | 2025-02-27 07:23:13 | Deep Dive |
| CVE-2024-12276 | Ultimate Member <= 2.9.2 - Authenticated SQL Injection | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Medium | 5.3 | 2025-02-21 09:21:06 | Deep Dive |
| CVE-2024-13818 | Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.4 - Sensitive Information Exposure via Log Files | genetechproducts | Pie Register – User Registration, Profiles & Content Restriction | Medium | 5.3 | 2025-02-21 03:21:21 | Deep Dive |
| CVE-2025-1064 | Login/Signup Popup ( Inline Form + Woocommerce ) <= 2.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via xoo_el_action Shortcode | xootix | Login & Register Customizer – Popup | Slider | Inline | WooCommerce | Medium | 6.4 | 2025-02-20 08:22:07 | Deep Dive |
| CVE-2024-11753 | UMich OIDC Login <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | umichitswebhosting | UMich OIDC Login | Medium | 6.4 | 2025-02-19 07:32:12 | Deep Dive |
| CVE-2025-23568 | WordPress WP Login Attempt Log plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability | fredsted | WP Login Attempt Log | High | 7.1 | 2025-02-14 12:44:29 | Deep Dive |
| CVE-2025-26547 | WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability | nagarjunsonti | My Login Logout Plugin | High | 7.1 | 2025-02-13 13:52:50 | Deep Dive |
| CVE-2024-13120 | ProfilePress < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:12 | Deep Dive |
| CVE-2024-13121 | Paid Membership Plugin < 4.15.20 - Admin+ Stored XSS | Unknown | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content | 中危 | - | 2025-02-13 06:00:12 | Deep Dive |