Does Custom Login Customizer have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Login Customizer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Login Customizer compatible with WordPress 5.8.13?

According to WordPress.org data, Custom Login Customizer 1.0.0 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Custom Login Customizer compatible with PHP 7.2+?

Custom Login Customizer requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Login Customizer updated?

Custom Login Customizer was last updated on Dec 7, 2021. Frequent updates are generally a positive security signal.

What is Custom Login Customizer's security score?

Custom Login Customizer has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Login Customizer Security & Risk Analysis

wordpress.org/plugins/custom-login-customizer

Custom Login Customizer plugin allows you to easily customize your wordpress site login page from your Customizer Panel!

10 active installs v1.0.0 PHP 7.2+ WP 5.2+ Updated Dec 7, 2021

customizerloginlogin-customizerlogin-logologo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Custom Login Customizer Safe to Use in 2026?

Generally Safe

Score 85/100

Custom Login Customizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

Based on the static analysis, "custom-login-customizer" v1.0.0 appears to have a strong security posture with no identified vulnerabilities in its attack surface or taint analysis. The absence of dangerous functions, raw SQL queries, and external HTTP requests are positive indicators. The code also shows adherence to best practices by utilizing prepared statements for SQL, although the low number of output escalations and the fact that not all outputs are escaped (67%) present a minor concern. The lack of any recorded historical vulnerabilities further strengthens this positive outlook, suggesting a well-maintained and secure plugin.

However, the analysis reveals a complete absence of nonce checks and capability checks. While the current attack surface is zero, this indicates a potential weakness if new entry points are added or if the plugin's functionality expands without proper authorization and security validation. The lack of any identified taint flows is encouraging, but it's crucial to remember that static analysis has limitations and may not uncover all potential vulnerabilities, especially complex business logic flaws. The current version seems secure, but the lack of built-in authorization checks is a notable area for improvement to ensure future-proofing.

Key Concerns

No nonce checks implemented
No capability checks implemented
33% of outputs not properly escaped

Vulnerabilities

None known

Custom Login Customizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Custom Login Customizer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

67% escaped3 total outputs

Attack Surface

Custom Login Customizer Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actionlogin_enqueue_scriptsyorksign.php:47

actionlogin_headyorksign.php:48

filterlogin_headerurlyorksign.php:49

filterlogin_headertextyorksign.php:50

filterwp_login_errorsyorksign.php:51

filterlogin_titleyorksign.php:52

filteradmin_footer_textyorksign.php:53

actionadmin_print_scripts-user-new.phpyorksign.php:54

actionplugins_loadedyorksign.php:56

actioncustomize_registeryorksign.php:59

filtergettextyorksign.php:198

Maintenance & Trust

Custom Login Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedDec 7, 2021

PHP min version7.2

Downloads977

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Custom Login Customizer Alternatives

WP Custom Login

bm-custom-login

100

Customize the WordPress login screen with your own colors, logo, backgrounds, and form styles.

10K No CVEs

Secure Admin Login With Customize

secure-admin-login-with-customize

Secure admin login with customize allows you to customize your WordPress admin login page within WordPress customizer.

10 No CVEs

Gray Login Customizer

gray-login-customizer

100

Easily customize your WordPress login page with logo, background, styles, and more — no coding needed.

0 No CVEs

Login Customizer Plus

100

0 No CVEs

Login Page Styler – Custom WordPress Login Page Customizer & Security

Customize and secure your WordPress login page with logo, backgrounds, templates, custom login URL, reCAPTCHA protection, and login activity logs — no …

3K 3 CVEs

Developer Profile

Custom Login Customizer Developer Profile

WP YORK

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Custom Login Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-login-customizer/assets/js/description-add.js/wp-content/plugins/custom-login-customizer/assets/css/style-login.css

Version Parameters

custom-login-customizer/assets/js/description-add.js?ver=custom-login-customizer/assets/css/style-login.css?ver=

HTML / DOM Fingerprints

FAQ