Wpexperts All In One Login — known CVE vulnerabilities
Every CVE whose affected-product data names Wpexperts All In One Login, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-1589 — CVSS 7.5 (high): The Change wp-admin login WordPress plugin before 1.1.0 does not properly check for authorisation and is also missing CSRF check when…
CVE-2023-3604 — CVSS 7.5 (high): The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing…