What is the severity of CVE-2025-39363?

CVE-2025-39363 has been classified as a medium-severity vulnerability due to the potential for stored cross-site scripting (XSS) attacks.

What impact does CVE-2025-39363 have on my website?

CVE-2025-39363 can allow an attacker to inject malicious scripts that execute in the context of the user's browser, compromising user data and account security.

Which versions of AlphaEfficiencyTeam Custom Login and Registration are affected by CVE-2025-39363?

CVE-2025-39363 affects all versions of AlphaEfficiencyTeam Custom Login and Registration up to and including version 1.0.0.

Is CVE-2025-39363 specific to any particular platform?

CVE-2025-39363 specifically affects the AlphaEfficiencyTeam Custom Login and Registration plugin used within WordPress.

Vulnerability/
CVE-2025-39363

medium

6.5

CWE

EPSS

0.033%

5/5/2025

7/5/2025

CVE-2025-39363: WordPress Custom Login and Registration <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability

Q: How do I fix CVE-2025-39363?

To fix CVE-2025-39363, upgrade the AlphaEfficiencyTeam Custom Login and Registration plugin to a version later than 1.0.0.

First published: Mon May 05 2025(Updated: )

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Stored XSS.This issue affects Custom Login and Registration: from n/a through 1.0.0.

Credit: audit@patchstack.com

Affected Software	Affected Version	How to fix
Alphaefficiencyteam Custom Login And Registration Wordpress	<=1.0.0
Alphaefficiencyteam Custom Login And Registration Wordpress	<=1.0.0
WordPress Custom Login and Registration	<=1.0.0

Never miss a vulnerability like this again

Reference Links

https://patchstack.com/database/wordpress/plugin/ms-registration/vulnerability/wordpress-custom-login-and-registration-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Frequently Asked Questions

What is the severity of CVE-2025-39363?
CVE-2025-39363 has been classified as a medium-severity vulnerability due to the potential for stored cross-site scripting (XSS) attacks.
How do I fix CVE-2025-39363?
To fix CVE-2025-39363, upgrade the AlphaEfficiencyTeam Custom Login and Registration plugin to a version later than 1.0.0.
What impact does CVE-2025-39363 have on my website?
CVE-2025-39363 can allow an attacker to inject malicious scripts that execute in the context of the user's browser, compromising user data and account security.
Which versions of AlphaEfficiencyTeam Custom Login and Registration are affected by CVE-2025-39363?
CVE-2025-39363 affects all versions of AlphaEfficiencyTeam Custom Login and Registration up to and including version 1.0.0.
Is CVE-2025-39363 specific to any particular platform?
CVE-2025-39363 specifically affects the AlphaEfficiencyTeam Custom Login and Registration plugin used within WordPress.

collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/title
agent/type
agent/description
agent/first-publish-date
agent/author
agent/source
collector/epss-latest
source/FIRST
agent/epss
agent/severity
agent/last-modified-date
agent/event
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
agent/guess-ai
vendor/alphaefficiencyteam
canonical/alphaefficiencyteam custom login and registration wordpress
version/alphaefficiencyteam custom login and registration wordpress/1.0.0
vendor/wordpress
canonical/wordpress custom login and registration

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.