Vulnerabilities > Featherplugins > Feather Login Page

DATE CVE VULNERABILITY TITLE RISK
2023-05-31 CVE-2023-2545 Missing Authorization vulnerability in Featherplugins Feather Login Page 1.0.7/1.1.1
The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up to, and including, 1.1.1.
network
low complexity
featherplugins CWE-862
8.8
8.8
2023-05-31 CVE-2023-2547 Missing Authorization vulnerability in Featherplugins Feather Login Page 1.0.7/1.1.1
The Feather Login Page plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteUser' function in versions starting from 1.0.7 up to, and including, 1.1.1.
network
low complexity
featherplugins CWE-862
5.4
5.4
2023-05-31 CVE-2023-2549 Cross-Site Request Forgery (CSRF) vulnerability in Featherplugins Feather Login Page 1.0.7/1.1.1
The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions starting from 1.0.7 up to, and including, 1.1.1.
network
low complexity
featherplugins CWE-352
8.8
8.8