cbcvebase.

Loginpress Pro vulnerabilities

4 known vulnerabilities affecting loginpress/loginpress_pro.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-7444P2CRITICALCVSS 9.8≤ 5.0.12025-07-18
CVE-2025-7444 [CRITICAL] CWE-288 CVE-2025-7444: The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they h
nvd
CVE-2024-32676P4MEDIUMCVSS 5.3≥ n/a, < 3.0.02024-04-25
CVE-2024-32676 [MEDIUM] CWE-307 CVE-2024-32676: Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0.
nvd
CVE-2024-32677P4MEDIUMCVSS 5.3≥ n/a, < 3.0.02024-04-24
CVE-2024-32677 [MEDIUM] CWE-862 CVE-2024-32677: Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: Missing Authorization vulnerability in LoginPress LoginPress Pro.This issue affects LoginPress Pro: from n/a before 3.0.0.
nvd
CVE-2026-49058CRITICALCVSS 9.8≥ n/a, ≤ 6.2.22026-06-17
CVE-2026-49058 [CRITICAL] CWE-266 WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions.
cvelistv5
Loginpress Pro vulnerabilities | cvebase