Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41839 | 1 Wpbrigade | 1 Loginpress | 2022-11-22 | N/A | 5.3 MEDIUM |
| Broken Access Control vulnerability in WordPress LoginPress plugin <= 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings. | |||||
| CVE-2022-0347 | 1 Wpbrigade | 1 Loginpress | 2022-03-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2019-15871 | 1 Wpbrigade | 1 Loginpress | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. | |||||
| CVE-2019-15872 | 1 Wpbrigade | 1 Loginpress | 2019-09-05 | 7.5 HIGH | 9.8 CRITICAL |
| The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. | |||||