CVE-2025-6895
- EPSS 0.65%
- Veröffentlicht 26.07.2025 04:25:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Melapress Login Security plugin for WordPress is vulnerable to Authentication Bypass due to missing authorization within the get_valid_user_based_on_token() function in versions 2.1.0 to 2.1.1. This makes it possible for unauthenticated attackers...
CVE-2025-39565
- EPSS 0.4%
- Veröffentlicht 16.04.2025 12:44:31
- Zuletzt bearbeitet 01.04.2026 17:23:20
Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security melapress-login-security allows Object Injection.This issue affects MelaPress Login Security: from n/a through <= 2.1.0.
CVE-2025-2876
- EPSS 0.42%
- Veröffentlicht 08.04.2025 11:11:31
- Zuletzt bearbeitet 17.07.2025 18:15:22
The MelaPress Login Security and MelaPress Login Security Premium plugins for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'monitor_admin_actions' function in version 2.1.0. This makes it possible for ...
CVE-2024-35650
- EPSS 1.72%
- Veröffentlicht 10.06.2024 16:15:15
- Zuletzt bearbeitet 01.04.2026 16:17:15
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through <= 1.3....