Does GS Custom Login have any unpatched vulnerabilities?

No. All known vulnerabilities in GS Custom Login have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GS Custom Login compatible with WordPress 6.8.5?

According to WordPress.org data, GS Custom Login 1.3.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is GS Custom Login updated?

GS Custom Login was last updated on Apr 29, 2025. Frequent updates are generally a positive security signal.

What is GS Custom Login's security score?

GS Custom Login has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GS Custom Login Security & Risk Analysis

wordpress.org/plugins/gs-custom-login

A simple, lightweight Plugin to Customize Your WordPress Login Screen Amazingly.

100 active installs v1.3.5 PHP + WP 4.3+ Updated Apr 29, 2025

adminbrandingcustom-logincustomizationlogin

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GS Custom Login Safe to Use in 2026?

Generally Safe

Score 100/100

GS Custom Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "gs-custom-login" v1.3.5 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of identified AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant strength, indicating a limited attack surface. Furthermore, the presence of nonce and capability checks, along with the lack of dangerous functions or file operations, suggests a conscious effort towards secure coding practices.

However, there are areas for concern. The plugin's SQL query is not using prepared statements, which presents a risk of SQL injection if the query's input is not meticulously sanitized. The 42% of improperly escaped outputs also indicate a potential for Cross-Site Scripting (XSS) vulnerabilities. While the taint analysis shows a flow with unsanitized paths, its severity is not critical or high, suggesting it may be a lower-risk issue but still warrants investigation. The external HTTP requests, though not inherently insecure, introduce third-party dependencies that could become a vector if the external services are compromised.

The plugin's vulnerability history is notably clean, with no recorded CVEs. This suggests that either the plugin has been well-maintained and secured, or it hasn't been a significant target for vulnerabilities in the past. The lack of common vulnerability types further reinforces this. Despite the identified risks in SQL usage and output escaping, the overall lack of critical findings and historical vulnerabilities points to a relatively secure plugin, provided the identified weaknesses are addressed.

Key Concerns

SQL query not using prepared statements
Significant portion of outputs not properly escaped
Taint flow with unsanitized path detected
External HTTP requests present

Vulnerabilities

None known

GS Custom Login Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

GS Custom Login Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

64 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

42% escaped153 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

formActionUrl (gscusl_assets\appsero\src\License.php:677)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

GS Custom Login Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 29

actionswitch_themegscusl_assets\appsero\src\Insights.php:115

actionswitch_themegscusl_assets\appsero\src\Insights.php:116

actionadmin_footergscusl_assets\appsero\src\Insights.php:128

actionadmin_noticesgscusl_assets\appsero\src\Insights.php:146

actionadmin_initgscusl_assets\appsero\src\Insights.php:149

filtercron_schedulesgscusl_assets\appsero\src\Insights.php:155

actionadmin_menugscusl_assets\appsero\src\License.php:176

actionafter_switch_themegscusl_assets\appsero\src\License.php:668

actionswitch_themegscusl_assets\appsero\src\License.php:669

filterpre_set_site_transient_update_pluginsgscusl_assets\appsero\src\Updater.php:42

filterplugins_apigscusl_assets\appsero\src\Updater.php:43

filterpre_set_site_transient_update_themesgscusl_assets\appsero\src\Updater.php:52

actionadmin_menugscusl_assets\gs-plugins\gs-plugins-free.php:15

actionadmin_menugscusl_assets\gs-plugins\gs-plugins.php:15

actioninitgscusl_assets\gs-plugins\gs-plugins.php:16

actionadmin_menugscusl_assets\gs-plugins\gs-plugins.php:17

filterlogin_headertextgscusl_assets\inc\gscusl_functions.php:40

filterlogin_headerurlgscusl_assets\inc\gscusl_functions.php:41

actionlogin_enqueue_scriptsgscusl_assets\inc\gscusl_functions.php:43

actionlogin_headgscusl_assets\inc\gscusl_functions.php:44

filterwp_login_errorsgscusl_assets\inc\gscusl_functions.php:47

filterlogin_body_classgscusl_assets\inc\gscusl_functions.php:48

actioncustomize_preview_initgscusl_assets\inc\gscusl_functions.php:49

actionadmin_enqueue_scriptsgscusl_custom_login.php:52

filterplugin_row_metagscusl_custom_login.php:112

actioncustomize_registergscusl_custom_login.php:1385

actioncustomize_controls_enqueue_scriptsgscusl_custom_login.php:1414

filtergettextgscusl_custom_login.php:1420

actioncustomize_controls_print_stylesgscusl_custom_login.php:1710

Maintenance & Trust

GS Custom Login Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 29, 2025

PHP min version

Downloads8K

Community Trust

Rating90/100

Number of ratings4

Active installs100

Alternatives

GS Custom Login Alternatives

Custom Login

custom-login

100

Custom Login allows you to easily customize your admin login page, works great for client sites!

20K 1 CVE

PWD WP Login

pwd-wp-login

This plugin allows you to easy customize your login WordPress Dashboard using API customizer.

100 No CVEs

Stylish Login Pro

stylish-login-pro

Stylish Login Pro is a simple modern plugin I made so that I could customize the login screen on my own websit.

10 No CVEs

Login Screen Designer

100

Customize WordPress login page branding—logo, background, colors, and messages. A simple and effective tool for personalizing the login experience.

0 No CVEs

WP Custom Login Branding

wp-custom-login-branding

A simple plugin that allows web developers and designers to brand the login page of WordPress for their customers.

200 No CVEs

Developer Profile

GS Custom Login Developer Profile

GS Plugins

19 plugins · 41K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

173 days

View full developer profile

Detection Fingerprints

How We Detect GS Custom Login

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gs-custom-login/gscusl_assets/admin/css/gs_free_plugins.css

Version Parameters

gs_free_plugins.css?ver=gscusl_custom_style.css?ver=

HTML / DOM Fingerprints

CSS Classes

gscustom_login_thumbnailgscustom_login_thumbnail_imggs-pro-linkgslogin-rate-stars

HTML Comments

Data Attributes

gscustom_login_preset-

FAQ