VYPR

Change Wp Admin Login

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-58595MedNov 6, 2025
    risk 0.34cvss 5.3epss 0.00

    Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through <= 2.0.8.

  • CVE-2023-3604Aug 21, 2023
    risk 0.00cvss epss 0.01

    The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered.

  • CVE-2022-1589May 30, 2022
    risk 0.00cvss epss 0.01

    The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector