Primary

Context

Custom Login Page Styler WordPress Plugin Unauthorized Log Deletion and Session Termination Vulnerability

Vulnerability

A vulnerability exists in the Custom Login Page Styler WordPress plugin, specifically in versions through 7.1.1. The issue arises from a lack of proper capability checks in several functions, allowing authenticated users with Subscriber-level access and above to delete login logs and terminate user sessions. This unauthorized access could be exploited to manipulate login activity records and disrupt user sessions.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of login logs and termination of user sessions for users with active sessions.

Remediation

Users can update to version 7.1.2 or a newer patched version to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

5.9

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

5.9

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Custom Login Page Styler WordPress Plugin Unauthorized Log Deletion and Session Termination Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating