Does Birds Custom Login have any unpatched vulnerabilities?

No. All known vulnerabilities in Birds Custom Login have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Birds Custom Login compatible with WordPress 5.4.19?

According to WordPress.org data, Birds Custom Login 1.0.8 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

How often is Birds Custom Login updated?

Birds Custom Login was last updated on Apr 1, 2020. Frequent updates are generally a positive security signal.

What is Birds Custom Login's security score?

Birds Custom Login has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Birds Custom Login Security & Risk Analysis

wordpress.org/plugins/birds-custom-login

Birds Custom Login allows you to easily customize your admin login page according to your needs.

4K active installs v1.0.8 PHP + WP 4.0+ Updated Apr 1, 2020

adminbrand-loginbranded-logincustom-logincustom-login-color

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Birds Custom Login Safe to Use in 2026?

Generally Safe

Score 85/100

Birds Custom Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "birds-custom-login" plugin version 1.0.8 exhibits a generally strong security posture based on the static analysis. The absence of detected AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the fact that all SQL queries utilize prepared statements is a positive indicator of secure database interaction. The plugin also shows no history of known vulnerabilities, which suggests a history of responsible development and maintenance.

However, a notable concern arises from the low percentage (27%) of properly escaped outputs. This indicates a significant risk of Cross-Site Scripting (XSS) vulnerabilities, where unsanitized data could be injected and executed within the user's browser. While no taint flows were detected, the lack of proper output escaping creates an opening for such attacks. The complete absence of nonce checks and capability checks, although not directly flagged as critical due to the limited attack surface, is a weakness that could become a significant risk if new entry points are introduced in future versions without corresponding security measures. The plugin's strengths lie in its limited attack surface and secure SQL practices, but the output escaping issue is a tangible and concerning weakness.

Key Concerns

Low percentage of properly escaped output
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Birds Custom Login Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Birds Custom Login Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

27% escaped45 total outputs

Attack Surface

Birds Custom Login Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

filterlogin_headerurladmin\settings\apply-css.php:17

actionadmin_headadmin\settings\apply-css.php:95

actionlogin_enqueue_scriptsadmin\settings\apply-css.php:338

actionadmin_menuadmin\settings\class-settings.php:41

actionadmin_initadmin\settings\class-settings.php:42

actionadmin_enqueue_scriptsadmin\settings\class-settings.php:142

actionactivated_pluginadmin\settings\class-settings.php:401

actionadmin_enqueue_scriptsbirds-custom-login.php:56

actionadmin_enqueue_scriptsbirds-custom-login.php:57

actionwp_enqueue_scriptsbirds-custom-login.php:59

actionwp_enqueue_scriptsbirds-custom-login.php:60

Maintenance & Trust

Birds Custom Login Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedApr 1, 2020

PHP min version

Downloads52K

Community Trust

Rating100/100

Number of ratings28

Active installs4K

Alternatives

Birds Custom Login Alternatives

Bobs Custom Login

bobs-custom-login

Bobs Custom Login allows you to easily customize your admin login page according to your needs.

100 No CVEs

All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more.

change-wp-admin-login

Do you want to secure and customize the WordPress login page? Download the All in One Login plugin for login page security and customization.

70K 3 CVEs

Ultimate Dashboard – Custom WordPress Dashboard

ultimate-dashboard

The #1 Plugin to Customize the WordPress Dashboard!

60K 8 CVEs

Admin Custom Login

admin-custom-login

Customize Your WordPress Login Screen Amazingly - Add Own Logo, Add Social Profiles, Login Form Positions, Background Image Slide Show

20K 2 CVEs

AGCA – Custom Dashboard & Login Page

ag-custom-admin

CHANGE: admin menu, login page, admin bar, dashboard widgets, custom colors, custom CSS & JS, logo & images

20K 5 CVEs

Developer Profile

Birds Custom Login Developer Profile

Frederic Serva

1 plugin · 4K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Birds Custom Login

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/birds-custom-login/admin/js/jquery.backstretch.min.js

HTML / DOM Fingerprints

CSS Classes

bcl-login-form

Data Attributes

data-bcl-login-styledata-bcl-logo-widthdata-bcl-logo-heightdata-bcl-logo-margin-topdata-bcl-logo-margin-bottomdata-bcl-form-width+13 more

FAQ