Melapress: >> Melapress Login Security >> 2.1.0 Security Vulnerabilities
Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security allows Object Injection. This issue affects MelaPress Login Security: from n/a through 2.1.0.
CVSS Score
6.6
EPSS Score
0.001
Published
2025-04-16
The MelaPress Login Security and MelaPress Login Security Premium plugins for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'monitor_admin_actions' function in version 2.1.0. This makes it possible for unauthenticated attackers to delete any user.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-04-08