CVE-2025-23716

UNKNOWN 0.0

WordPress Login Watchdog plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

CVSS Score

0.0

EPSS Score

0.1%

EPSS Percentile

26th

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JkmAS Login Watchdog login-watchdog allows Stored XSS.This issue affects Login Watchdog: from n/a through <= 1.0.4.

CWE	CWE-79
Vendor	jkmas
Product	login watchdog
Published	Mar 3, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for jkmas login watchdog

Be the first to know when new unknown vulnerabilities affecting jkmas login watchdog are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

JkmAS / Login Watchdog

0 ≤ 1.0.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/login-watchdog/vulnerability/wordpress-login-watchdog-plugin-1-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Zlrqh | Patchstack Bug Bounty Program