Medium severity4.3NVD Advisory· Published Jan 31, 2025· Updated Jun 17, 2026
CVE-2024-13530
CVE-2024-13530
Description
The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the lps_handle_delete_all_logs(), lps_handle_delete_login_log(), and lps_handle_end_session() functions in all versions up to, and including, 7.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete login logs and end user sessions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=7.1.1
Patches
Vulnerability mechanics
References
5- plugins.trac.wordpress.org/browser/login-page-styler/tags/7.1.2/loginPageStylerLogSettings.phpnvd
- plugins.trac.wordpress.org/browser/login-page-styler/tags/7.1.2/loginPageStylerLogSettings.phpnvd
- plugins.trac.wordpress.org/changesetnvd
- wordpress.org/plugins/login-page-stylernvd
- www.wordfence.com/threat-intel/vulnerabilities/id/a143d611-9e22-49d1-9a9f-12f1c45685c4nvd
News mentions
0No linked articles in our index yet.