[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWRGoF9rc4poMEw6CFkuJwdnsFquE2QUxkcJV39F-3jw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":151,"fingerprints":262},"customize-login-image","Customize Login Image","3.5.3","apasionados","https:\u002F\u002Fprofiles.wordpress.org\u002Fapasionados\u002F","\u003Cp>This plugin allows you to customize the image and the appearance of the WordPress Login Screen. You can change: The logo, the link of the logo and the background color.\u003C\u002Fp>\n\u003Cp>There are three features we love:\u003C\u002Fp>\n\u003Cp>1) If no logo is uploaded, the default WordPress logo is shown.\u003C\u002Fp>\n\u003Cp>2) You can upload your own logo in PNG format to the WordPress UPLOADS folder (you just have to name it customize-login-image.png) and if no URL for the logo was set or no logo was uploaded, the plugin looks if this file exists and uses it.\u003C\u002Fp>\n\u003Cp>3) You can translate the plugin into your own language. So far English and Spanish translations are included. Just translate the .po file in the \u002Flang\u002F folder.\u003C\u002Fp>\n\u003Cp>4) You can choose if you want to show the server IP and\u002For server hostname on the login screen.\u003C\u002Fp>\n\u003Ch4>What can I do with this plugin?\u003C\u002Fh4>\n\u003Cp>You can upload a custom image for the login screen and specify the link attached to the logo. By default you are redirected to the homepage of your site.\u003C\u002Fp>\n\u003Cp>You can also set a custom background color for the login screen. Until version 3.5 you could also add your own CSS now this is not possible following the updated WordPress Plugin Security guidelines.\u003C\u002Fp>\n\u003Cp>You can choose if you want to show the server IP and\u002For server hostname on the login screen. We find this extremly useful when changing the server of a WordPress installation. If you activate both checkboxes you will know inmediately if you are login in on the correct server.\u003C\u002Fp>\n\u003Ch4>What ideas is this plugin based on?\u003C\u002Fh4>\n\u003Cp>We had been using the WordPress plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustomize-admin\u002F\" title=\"Customize Admin\" rel=\"ugc\">Customize Admin\u003C\u002Fa> but we didn’t like that the default logo was the VanderWikj Consultancy logo (vanderwijk.png). This has been causing us problems with customers when updating their sites and this logo displaying on their login screen; because they though that something was wrong with their installation. Another thing we didn’t like about this plugin was the other settings it included; we want a plugin to change the login appearance and only that.\u003C\u002Fp>\n\u003Cp>This is why we decided to create a new plugin that doesn’t have the two issues we found while using Customize Admin. Nervertheless it is a freat work from Johan van der Wijk.\u003C\u002Fp>\n\u003Ch4>Customize Login Image Plugin in your Language!\u003C\u002Fh4>\n\u003Cp>This first release is avaliable in English and Spanish. In the “lang” folder we have included the necessarry files to translate this plugin.\u003C\u002Fp>\n\u003Cp>If you would like the plugin in your language and you’re good at translating, please drop us a line at \u003Ca href=\"http:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-customize-login-image-home\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>You can access the description of the plugin in Spanish at: \u003Ca href=\"http:\u002F\u002Fapasionados.es\u002Fblog\u002Fcustomize-login-image-wordpress-plugin-1726\u002F\" rel=\"nofollow ugc\">Customize Login Image en español\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For further information please send us an \u003Ca href=\"http:\u002F\u002Fapasionados.es\u002Fcontacto\u002Findex.php?desde=wordpress-org-customizeloginimage-contact\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin allows you to customize the image and the appearance of the WordPress Login Screen.",3000,62886,100,10,"2023-09-23T06:15:00.000Z","6.3.8","3.0.1","5.6",[20,21,22,23,24],"admin","custom","customize","login","logo","http:\u002F\u002Fapasionados.es\u002F#utm_source=wpadmin&utm_medium=plugin&utm_campaign=wpcustomizeloginimageplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustomize-login-image.3.5.3.zip",85,1,0,"2021-12-02 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2021-33851","customize-login-image-cross-site-scripting","Customize Login Image \u003C= 3.4 - Cross-Site Scripting","A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the \"Custom logo link\" executes whenever the user opens the Settings Page of the \"Customize Login Image\" Plugin.",null,"\u003C=3.4","3.5","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1f9b02c1-2cd7-48ee-b568-4c42bc0ded96?source=api-prod",782,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},28,60790,94,326,75,"2026-04-04T20:59:41.147Z",[57,77,98,114,133],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":13,"downloaded":65,"rating":13,"num_ratings":28,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"super-custom-login","Super Custom Login","1.1","Obadiah","https:\u002F\u002Fprofiles.wordpress.org\u002Fobadiah\u002F","\u003Cp>This plugin offers customization options for the WordPress login screen, including the ability to replace the default WordPress logo with a custom logo that links to the user’s homepage. There are custom color settings for all elements on login page. Additionally, the plugin improves login security by removing error messages upon failed login attempts.\u003C\u002Fp>\n\u003Cp>To utilize the custom logo feature, users should first upload their logo (ideally as a transparent PNG) to their media library where the URL can by copied. Install the plugin and go to the settings page. Enter the URL. Enter width and height of logo, if different from defaults. Click “Save Changes”.\u003C\u002Fp>\n","This plugin enables users to personalize their WordPress login screen by replacing the default WordPress logo with their own custom logo.",12734,"2023-04-02T13:12:00.000Z","6.2.9","3.1","",[20,71,72,73,74],"branding","custom-login","custom-logo","customized-login-screen","http:\u002F\u002Fmiddleearmedia.com\u002Flabs\u002Fplugins\u002Fsuper-custom-login\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-custom-login.1.1.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":14,"downloaded":85,"rating":29,"num_ratings":29,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":69,"download_link":96,"security_score":97,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"secure-admin-login-with-customize","Secure Admin Login With Customize","1.4","Dilip Bheda","https:\u002F\u002Fprofiles.wordpress.org\u002Fdilipbheda\u002F","\u003Cp>Create your own custom admin login page with google recaptcha and captcha code.\u003C\u002Fp>\n\u003Cp>Plugin allows to change custom logo with replace with wordpress default logo, background color, background image, background slide show, form color, font size, login form position and many more features.\u003C\u002Fp>\n\u003Cp>Supports full features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can add Google Recaptcha in your wordpress admin form (Site Key & Secret Key are required).\u003C\u002Fli>\n\u003Cli>You can add Captcha Code in your wordpress admin form.\u003C\u002Fli>\n\u003Cli>You can add customer logo above wordpress admin form.\u003C\u002Fli>\n\u003Cli>You can add background color and background image to the wordpress admin form.\u003C\u002Fli>\n\u003Cli>You can add custom message\u002Ftext above & bottom of your wordpress admin login form.\u003C\u002Fli>\n\u003Cli>Free support.\u003C\u002Fli>\n\u003Cli>Multi-lingual support.\u003C\u002Fli>\n\u003Cli>Translation ready (Gujarati, Hindi).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Main features.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Google Recaptcha.\u003C\u002Fli>\n\u003Cli>Captcha Code.\u003C\u002Fli>\n\u003Cli>Login button hover color.\u003C\u002Fli>\n\u003Cli>Login button color.\u003C\u002Fli>\n\u003Cli>Admin form custom color.\u003C\u002Fli>\n\u003Cli>Admin form border custom style.\u003C\u002Fli>\n\u003Cli>Admin form label size.\u003C\u002Fli>\n\u003Cli>Admin form opacity.\u003C\u002Fli>\n\u003Cli>Admin form custom background image.\u003C\u002Fli>\n\u003Cli>Change label color.\u003C\u002Fli>\n\u003Cli>Change login form color.\u003C\u002Fli>\n\u003Cli>Set custom background image.\u003C\u002Fli>\n\u003Cli>Set background color.\u003C\u002Fli>\n\u003Cli>Add custom logo to admin login form.\u003C\u002Fli>\n\u003Cli>Logo width.\u003C\u002Fli>\n\u003Cli>Logo height.\u003C\u002Fli>\n\u003Cli>Logo link.\u003C\u002Fli>\n\u003Cli>Logo title.\u003C\u002Fli>\n\u003C\u002Ful>\n","Secure admin login with customize allows you to customize your WordPress admin login page within WordPress customizer.",2092,"2025-01-29T16:32:00.000Z","6.7.5","5.9","7.2",[91,92,93,94,95],"custom-admin-login","custom-login-logo","custom-wp-login","customise-wordpress-login","login-customizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecure-admin-login-with-customize.1.4.zip",92,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":14,"downloaded":106,"rating":13,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":40,"requires_php":69,"tags":110,"homepage":69,"download_link":113,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-customize","WP Customize","1.1.1","WebSight Designs","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebsightdesigns\u002F","\u003Cp>This plugin allows you to set up a custom login page, including your logo. It also allows you to set a custom footer by adding in your own text or HTML.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allows you to specify a URL to an image you’d like to use as your WordPress Admin login page’s logo.\u003C\u002Fli>\n\u003Cli>Allows you to specify your own text and\u002For HTML to replace the footer of the WordPress Admin with.\u003C\u002Fli>\n\u003Cli>Sets the URL of your blog as the URL visited when a user clicks the logo on the WordPress Admin login page.\u003C\u002Fli>\n\u003Cli>Sets the title (seen when you hover your mouse over the logo) of the logo’s link to be your blog’s name.\u003C\u002Fli>\n\u003Cli>Allows you to specify the background color and the text\u002Flinks color of the WordPress Admin login page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please take a moment and rate this plugin at:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-customize\u002Freviews\u002F\u003C\u002Fp>\n","This plugin allows you to set up a custom login page, and set a custom footer message in the WordPress Admin.",7606,2,"2018-06-16T18:29:00.000Z","4.9.29",[20,111,72,22,112],"admin-footer","login-logo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-customize.1.1.1.zip",{"slug":115,"name":116,"version":60,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":29,"downloaded":121,"rating":13,"num_ratings":28,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":131,"download_link":132,"security_score":27,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"rebrander-white-label-wp","Rebrander – White Label WordPress","Madhav Dhungana","https:\u002F\u002Fprofiles.wordpress.org\u002Fmadhavdhungana\u002F","\u003Cp>Rebrander  customizes login logo & background, admin area, dashboard, and all the WordPress logo and links.\u003C\u002Fp>\n\u003Ch3>Rebrander for WordPress Features\u003C\u002Fh3>\n\u003Cp>Rebrander is made for those who want to customize their WordPress site.\u003Cbr \u002F>\n* Easy replace the default logo with your own on the WordPress login screen.\u003Cbr \u002F>\n* Custom background color for the login screen.\u003Cbr \u002F>\n* Removes WordPress from title and adds your site name.\u003Cbr \u002F>\n* Removes dashboard footer, version name and widgets from Dashboard\u003Cbr \u002F>\n* Hide the WordPress admin bar logo.\u003Cbr \u002F>\n* Hide admin menus & plugins from other administrators.\u003C\u002Fp>\n\u003Ch3>Rebrander\u003C\u002Fh3>\n\u003Cp>The Rebrander Plugin for WordPress is made for professionals who require an extra level of customization.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Remove WordPress Update Nags\u003C\u002Fli>\n\u003Cli>Remove admin bar on the fronted.\u003C\u002Fli>\n\u003Cli>Change WordPress Email address and sender name.\u003C\u002Fli>\n\u003Cli>Exciting upcoming features and development.\u003C\u002Fli>\n\u003Cli>Premium Support.\u003C\u002Fli>\n\u003C\u002Ful>\n","Rebrander  customizes login logo & background, admin area, dashboard, and all the WordPress logo and links.",1010,"2020-02-26T16:07:00.000Z","5.3.21","4.0",[126,127,128,129,130],"custom-admin-page","customise-login","customize-login","login-page-logo","white-label-wordpress","https:\u002F\u002Fwww.dmadhav.com.np\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frebrander-white-label-wp.zip",{"slug":112,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":145,"requires_at_least":146,"requires_php":69,"tags":147,"homepage":149,"download_link":150,"security_score":97,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"Login Logo","0.10.3","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>This plugin allows you to customize the logo on the WordPress login screen. There is zero configuration. You just drop the logo file into your WordPress content directory, named \u003Ccode>login-logo.png\u003C\u002Fcode> and this plugin takes over.\u003C\u002Fp>\n\u003Cp>Note that you should use a transparent background on the PNG image, crop it tightly (no padding pixels) and use a width of exactly 312 pixels for best results. Wider images will be downscaled in modern browsers, but it isn’t recommended to rely on that.\u003C\u002Fp>\n\u003Cp>This plugin also works in the \u003Ccode>mu-plugins\u003C\u002Fcode> directory.\u003C\u002Fp>\n","Customize the logo on the WP login screen by simply dropping a file named login-logo.png into your WP content directory. CSS is automatic!",40000,496104,98,62,"2024-09-11T02:54:00.000Z","6.6.5","5.1.2",[73,22,23,148,24],"login-screen","https:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Flogin-logo\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-logo.zip",{"attackSurface":152,"codeSignals":206,"taintFlows":223,"riskAssessment":250,"analyzedAt":261},{"hooks":153,"ajaxHandlers":202,"restRoutes":203,"shortcodes":204,"cronEvents":205,"entryPointCount":29,"unprotectedCount":29},[154,160,164,167,171,175,179,184,188,191,194,198],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","admin_init","apa_cli_load_language","customize-login-image-options.php",3,{"type":155,"name":161,"callback":162,"file":158,"line":163},"admin_menu","apa_cli_create_menu",8,{"type":155,"name":156,"callback":165,"file":158,"line":166},"apa_cli_register_settings",11,{"type":155,"name":168,"callback":169,"file":158,"line":170},"admin_print_scripts","apa_cli_admin_scripts",36,{"type":155,"name":172,"callback":173,"file":158,"line":174},"admin_print_styles","apa_cli_admin_styles",37,{"type":155,"name":176,"callback":157,"file":177,"line":178},"login_head","customize-login-image.php",79,{"type":180,"name":181,"callback":182,"file":177,"line":183},"filter","login_headertext","apa_cli_logo_title",80,{"type":180,"name":185,"callback":186,"file":177,"line":187},"login_headerurl","apa_cli_logo_url",81,{"type":155,"name":176,"callback":189,"file":177,"line":190},"apa_cli_logo_file",82,{"type":155,"name":176,"callback":192,"file":177,"line":193},"apa_cli_login_background_color",83,{"type":180,"name":195,"callback":196,"priority":14,"file":177,"line":197},"plugin_action_links","apa_cli_plugin_action_links",84,{"type":155,"name":199,"callback":200,"file":177,"line":201},"login_footer","apa_cli_ad_login_footer",87,[],[],[],[],{"dangerousFunctions":207,"sqlUsage":208,"outputEscaping":210,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":222},[],{"prepared":29,"raw":29,"locations":209},[],{"escaped":211,"rawEcho":212,"locations":213},15,5,[214,216,217,219,221],{"file":158,"line":143,"context":215},"raw output",{"file":158,"line":143,"context":215},{"file":177,"line":218,"context":215},71,{"file":177,"line":220,"context":215},73,{"file":177,"line":54,"context":215},[],[224,241],{"entryPoint":225,"graph":226,"unsanitizedCount":107,"severity":41},"apa_cli_ad_login_footer (customize-login-image.php:65)",{"nodes":227,"edges":238},[228,233],{"id":229,"type":230,"label":231,"file":177,"line":232},"n0","source","$_SERVER (x2)",68,{"id":234,"type":235,"label":236,"file":177,"line":218,"wp_function":237},"n1","sink","echo() [XSS]","echo",[239],{"from":229,"to":234,"sanitized":240},false,{"entryPoint":242,"graph":243,"unsanitizedCount":107,"severity":249},"\u003Ccustomize-login-image> (customize-login-image.php:0)",{"nodes":244,"edges":247},[245,246],{"id":229,"type":230,"label":231,"file":177,"line":232},{"id":234,"type":235,"label":236,"file":177,"line":218,"wp_function":237},[248],{"from":229,"to":234,"sanitized":240},"low",{"summary":251,"deductions":252},"The \"customize-login-image\" plugin version 3.5.3 exhibits a mixed security posture.  On the positive side, static analysis reveals no apparent attack surface through typical entry points like AJAX handlers, REST API routes, shortcodes, or cron events, and all SQL queries are properly prepared.  This suggests a well-contained plugin with regard to direct external manipulation.  However, the taint analysis indicates two flows with unsanitized paths, although none were classified as critical or high severity.  The plugin also has a history of vulnerabilities, with one medium severity Cross-Site Scripting (XSS) vulnerability reported in the past.  While there are no currently unpatched CVEs, this history and the presence of unsanitized paths are areas of concern.\n\nThe overall security is moderately good due to the absence of an exposed attack surface and proper SQL handling. Nevertheless, the identified unsanitized paths, even if not leading to high-severity issues in this analysis, represent potential weaknesses that could be exploited. The past XSS vulnerability also serves as a reminder that input sanitization and output escaping need continuous vigilance.  For a more robust security assessment, understanding the nature of the unsanitized flows and ensuring all outputs are properly escaped would be crucial.",[253,256,258],{"reason":254,"points":255},"Unsanitized path in taint analysis (x2)",6,{"reason":257,"points":212},"Past medium severity CVE (XSS)",{"reason":259,"points":260},"Unescaped output (25% of total outputs)",4,"2026-03-16T18:17:33.267Z",{"wat":263,"direct":269},{"assetPaths":264,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[265],"\u002Fwp-content\u002Fplugins\u002Fcustomize-login-image\u002Fcustomize-login-image.js",[],[],[],{"cssClasses":270,"htmlComments":271,"htmlAttributes":272,"restEndpoints":283,"jsGlobals":284,"shortcodeOutput":286},[],[],[273,274,275,276,277,278,279,280,281,282],"id=\"apa_cli_logo_url\"","name=\"apa_cli_logo_url\"","id=\"apa_cli_logo_file\"","name=\"apa_cli_logo_file\"","id=\"apa_cli_login_background_color\"","name=\"apa_cli_login_background_color\"","id=\"apa_cli_show_server_ip\"","name=\"apa_cli_show_server_ip\"","id=\"apa_cli_show_server_hostname\"","name=\"apa_cli_show_server_hostname\"",[],[285],"WP_PLUGIN_URL",[]]