cleantalk
Vulnerabilities and Security Researches

Change WordPress Login Logo, 099fdf18-2888-4fbf-a72f-17f744bdfa92

CVE, Research URL

099fdf18-2888-4fbf-a72f-17f744bdfa92

Home page URL

Security reports for Change WordPress Login Logo

Application

Change WordPress Login Logo

Published on
-
Research Description
Change WordPress Login Logo [change-login-logo] < 1.1.5 Change WordPress Login Logo &lt; 1.1.5 - Authenticated Stored Cross-Site Scripting The height, and width fields used to update the custom logo was found to be vulnerable to stored XSS, as they did not sanitize user input properly before publishing the changes. It is triggered when a user loads the login page.
Affected versions
max 1.1.5.
Status
vulnerable
Previous vulnerability researches
Products Quick View for WooCommerce (a258db14fac7c6fbd217ffebb5a812d26ac46780) , Jun 16, 2026
Products Quick View for WooCommerce (de3e06615019aff108fb9f37a06bdb545ac61b79) , Jun 16, 2026
Products Quick View for WooCommerce (d1b0f784da3ca0f399c542515fda1423816819f0) , Jun 06, 2024
New vulnerability
WP SPID Italia (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
WP SPID Italia (8e47b49f82b0505ac2a6ff60c7eaa2e7bf6393e0) , Jun 16, 2026
Companion Auto Update (8f0e42fbcafedfe8c5a1a2e574977b4c09516724) , Jun 16, 2026
Companion Auto Update (7cd2d4dc-1f88-40bb-b32c-c047aeaa7996) , Jun 16, 2026
Companion Auto Update (4ed0f911f8fcd2b401511da7c4879e693fff1d89) , Jun 16, 2026