VYPR

Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha

by Featherplugins

CVEs (4)

  • CVE-2023-2549HigMay 31, 2023
    risk 0.57cvss 8.8epss 0.00

    The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1. This is due to missing nonce validation in the 'createTempAccountLink' function. This makes it possible for unauthenticated…

  • CVE-2023-2545HigMay 31, 2023
    risk 0.53cvss 8.1epss 0.01

    The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticated attackers, with…

  • CVE-2023-46777MedNov 6, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions.

  • CVE-2023-2547MedMay 31, 2023
    risk 0.35cvss 5.4epss 0.00

    The Feather Login Page plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteUser' function in versions starting from 1.0.7 up to, and including, 1.1.1. This makes it possible for authenticated attackers, with…