CVE-2025-6895
- EPSS 0.64%
- Veröffentlicht 26.07.2025 04:25:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Melapress Login Security plugin for WordPress is vulnerable to Authentication Bypass due to missing authorization within the get_valid_user_based_on_token() function in versions 2.1.0 to 2.1.1. This makes it possible for unauthenticated attackers...
CVE-2025-39565
- EPSS 0.73%
- Veröffentlicht 16.04.2025 12:44:31
- Zuletzt bearbeitet 23.04.2026 15:29:47
Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security melapress-login-security allows Object Injection.This issue affects MelaPress Login Security: from n/a through <= 2.1.0.
CVE-2025-2876
- EPSS 0.31%
- Veröffentlicht 08.04.2025 11:11:31
- Zuletzt bearbeitet 17.07.2025 18:15:22
The MelaPress Login Security and MelaPress Login Security Premium plugins for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'monitor_admin_actions' function in version 2.1.0. This makes it possible for ...
CVE-2024-35650
- EPSS 0.56%
- Veröffentlicht 10.06.2024 16:15:15
- Zuletzt bearbeitet 23.04.2026 15:18:29
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through <= 1.3....