WP-Safety

BasisLogin Security & Risk Analysis

wordpress.org/plugins/basislogin

Customize and secure the WordPress login page: logo, colors, typography, presets, login limits, CAPTCHA, export/import.

0 active installs v0.0.1 PHP 7.4+ WP 5.8+ Updated Oct 2, 2025
brandingcustom-logincustomizationloginsecurity
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is BasisLogin Safe to Use in 2026?

Generally Safe

Score 100/100

BasisLogin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago
Risk Assessment

The "basislogin" v0.0.1 plugin presents a generally positive security posture, with no known historical vulnerabilities or critical security issues identified in the static and taint analysis. The absence of CVEs, raw SQL queries, and unprotected entry points are strong indicators of good security practices. The plugin also implements a good number of nonce and capability checks, suggesting an effort to secure its interactive elements.

However, a significant concern arises from the output escaping. With only 50% of the 307 total outputs properly escaped, there's a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied or dynamic data displayed on the front-end or in administrative interfaces could potentially be executed as malicious JavaScript.

Despite the lack of immediate critical threats from taint analysis or historical data, the high percentage of unescaped output is a notable weakness. This oversight could lead to serious security breaches if not addressed. Therefore, while the plugin demonstrates several positive security attributes, the unescaped output represents a significant area for immediate improvement to mitigate potential XSS risks.

Key Concerns

  • Unescaped output (50% properly escaped)
Vulnerabilities
None known

BasisLogin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

BasisLogin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
153
154 escaped
Nonce Checks
6
Capability Checks
8
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

50% escaped307 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
ajax_save_options (includes\class-basislogin-admin.php:862)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

BasisLogin Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 4

authwp_ajax_basislogin_save_optionsincludes\class-basislogin-admin.php:16
authwp_ajax_basislogin_reset_groupincludes\class-basislogin-admin.php:17
authwp_ajax_basislogin_export_optionsincludes\class-basislogin-admin.php:18
authwp_ajax_basislogin_import_optionsincludes\class-basislogin-admin.php:19
WordPress Hooks 28
actionplugins_loadedbasislogin.php:50
actionlogin_formincludes\class-basislogin-2fa.php:23
filterauthenticateincludes\class-basislogin-2fa.php:24
actionshow_user_profileincludes\class-basislogin-2fa.php:25
actionedit_user_profileincludes\class-basislogin-2fa.php:26
actionpersonal_options_updateincludes\class-basislogin-2fa.php:27
actionedit_user_profile_updateincludes\class-basislogin-2fa.php:28
actionadmin_menuincludes\class-basislogin-admin.php:10
actionadmin_enqueue_scriptsincludes\class-basislogin-admin.php:11
actionadmin_initincludes\class-basislogin-admin.php:12
actionadmin_post_basislogin_security_actionincludes\class-basislogin-admin.php:13
actionlogin_enqueue_scriptsincludes\class-basislogin-frontend.php:10
filterlogin_headerurlincludes\class-basislogin-frontend.php:11
filterlogin_headertextincludes\class-basislogin-frontend.php:12
actionlogin_headincludes\class-basislogin-frontend.php:13
actionlogin_footerincludes\class-basislogin-frontend.php:14
filterlogin_redirectincludes\class-basislogin-frontend.php:15
filterlogout_redirectincludes\class-basislogin-frontend.php:16
actionlogin_formincludes\class-basislogin-frontend.php:17
filterauthenticateincludes\class-basislogin-frontend.php:18
actionlogin_enqueue_scriptsincludes\class-basislogin-frontend.php:19
actiontemplate_redirectincludes\class-basislogin-frontend.php:23
filterauthenticateincludes\class-basislogin-security.php:21
actionwp_login_failedincludes\class-basislogin-security.php:22
actionwp_loginincludes\class-basislogin-security.php:23
filterlogin_errorsincludes\class-basislogin-security.php:27
actionwp_scheduled_deleteincludes\class-basislogin-security.php:31
actionadmin_initincludes\class-basislogin-settings.php:19
Maintenance & Trust

BasisLogin Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 2, 2025
PHP min version7.4
Downloads169

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

BasisLogin Alternatives

Custom Login

Custom Login

custom-login

A
100

Custom Login allows you to easily customize your admin login page, works great for client sites!

20K 1 CVE
GS Custom Login

GS Custom Login

gs-custom-login

A
100

A simple, lightweight Plugin to Customize Your WordPress Login Screen Amazingly.

100 No CVEs
PWD WP Login

PWD WP Login

pwd-wp-login

A
85

This plugin allows you to easy customize your login WordPress Dashboard using API customizer.

100 No CVEs
Stylish Login Pro

Stylish Login Pro

stylish-login-pro

A
85

Stylish Login Pro is a simple modern plugin I made so that I could customize the login screen on my own websit.

10 No CVEs
Custom Login Logo and URL

Custom Login Logo and URL

custom-login-logo-and-url

A
92

Effortlessly customize your WordPress login page with a custom logo and branded URL to enhance user experience and security.

0 No CVEs
Developer Profile

BasisLogin Developer Profile

roehler

5 plugins · 210 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect BasisLogin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/basislogin/assets/css/admin.css/wp-content/plugins/basislogin/assets/js/admin.js
Version Parameters
basislogin/assets/css/admin.css?ver=basislogin/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
basislogin-adminbasislogin-titlebasislogin-iconbasislogin-subtitle
Data Attributes
data-basislogin-ajax-urldata-basislogin-nonce
JS Globals
BasisLogin
FAQ

Frequently Asked Questions about BasisLogin