Idehweb Login With Phone Number — known CVE vulnerabilities
Every CVE whose affected-product data names Idehweb Login With Phone Number, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-23492 — CVSS 8.8 (high): The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID'…
CVE-2023-4916 — CVSS 8.8 (high): The Login with phone number plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.6. This…
CVE-2024-6482 — CVSS 8.8 (high): The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.49. This…
CVE-2022-0593 — CVSS 6.5 (medium): The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks…
CVE-2024-37429 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hamid Alinia Login with phone number…
CVE-2022-0598 — CVSS 4.8 (medium): The Login with phone number WordPress plugin before 1.3.8 does not sanitise and escape plugin settings which could allow high privilege…