This page lists publicly disclosed CVE vulnerabilities affecting melapress melapress_login_security (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-39565 | Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security melapress-login-security allows Object Injection.This issue affects MelaPress Login Security: from n/a through <= 2.1.0. | [email protected] | 6.6 | 0.73% | 2025-04-16 | 2026-06-17 |
| CVE-2025-2876 | The MelaPress Login Security and MelaPress Login Security Premium plugins for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'monitor_admin_actions' function in version 2.1.0. This makes it possible for unauthenticated attackers to delete any user. | [email protected] | 5.3 | 0.31% | 2025-04-08 | 2026-06-17 |
| CVE-2024-35650 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through <= 1.3.0. | [email protected] | 4.9 | 0.56% | 2024-06-10 | 2026-06-17 |