Does Custom Login Page Customizer have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Login Page Customizer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Login Page Customizer compatible with WordPress 6.9.4?

According to WordPress.org data, Custom Login Page Customizer 2.5.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Custom Login Page Customizer compatible with PHP 5.6+?

Custom Login Page Customizer requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Login Page Customizer updated?

Custom Login Page Customizer was last updated on Jan 6, 2026. Frequent updates are generally a positive security signal.

What is Custom Login Page Customizer's security score?

Custom Login Page Customizer has a WP-Safety security score of 94/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Login Page Customizer Security & Risk Analysis

wordpress.org/plugins/login-customizer

Custom Login Customizer allows you to easily customize your admin login page, straight from your WordPress Customizer!

90K active installs v2.5.4 PHP 5.6+ WP 4.0+ Updated Jan 6, 2026

custom-logincustomizerloginlogin-pagewp-login

A · Safe

CVEs total1

Unpatched0

Last CVEJan 8, 2026

Plugin page Download

Safety Verdict

Is Custom Login Page Customizer Safe to Use in 2026?

Generally Safe

Score 94/100

Custom Login Page Customizer has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 8, 2026Updated 2mo ago

Risk Assessment

The overall security posture of login-customizer v2.5.4 shows a mixed bag of good practices and concerning areas. The plugin demonstrates a strong adherence to WordPress security by implementing capability checks and nonce checks on all identified entry points, which is a significant strength. The absence of critical or high-severity taint flows, along with proper output escaping for a majority of outputs, also contributes positively to its security. However, the static analysis reveals several areas that warrant attention. Notably, 100% of SQL queries are not using prepared statements, which is a significant risk for SQL injection vulnerabilities, especially given the presence of external HTTP requests that could potentially supply malicious data. The vulnerability history, though showing no currently unpatched CVEs, includes a past critical vulnerability related to Improper Privilege Management, indicating a historical susceptibility to serious security flaws. This suggests a need for ongoing vigilance and robust patching strategies.

Key Concerns

100% of SQL queries are not using prepared statements
Past critical CVE indicating historical susceptibility
Bundled library Freemius v1.0 may be outdated

Vulnerabilities

Custom Login Page Customizer Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Critical

1 total CVE

CVE-2025-14975critical · 9.8Improper Privilege Management

Custom Login Page Customizer <= 2.5.3 - Unauthenticated Privilege Escalation via Password Reset

Jan 8, 2026 Patched in 2.5.4 (28d)

Code Analysis

Analyzed Mar 16, 2026

Custom Login Page Customizer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

114 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

0% prepared4 total queries

Output Escaping

77% escaped149 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

logincustomizer_review_notice_message (src\Includes\Notification.php:115)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Custom Login Page Customizer Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_logincust_helpsrc\Settings\Setup.php:33

WordPress Hooks 44

actioncustomize_controls_print_scriptssrc\Customizer\Customizer_Enqueue.php:30

filterpage_attributes_dropdown_pages_argssrc\Customizer\Include_Page_Template.php:50

filtertheme_page_templatessrc\Customizer\Include_Page_Template.php:55

filterwp_insert_post_datasrc\Customizer\Include_Page_Template.php:60

filtertemplate_includesrc\Customizer\Include_Page_Template.php:64

actioninitsrc\Customizer\Include_Page_Template.php:67

actionplugins_loadedsrc\Customizer\Include_Page_Template.php:165

actionwp_loadedsrc\Customizer\Initial_Setup.php:32

actioncustomize_registersrc\Customizer\Panel\customizer.php:103

actioncustomize_controls_print_scriptssrc\Customizer\Panel\customizer.php:123

actioncustomize_preview_initsrc\Customizer\Panel\customizer.php:143

actioncustomize_controls_enqueue_scriptssrc\Customizer\Panel\customizer.php:144

actionlogin_enqueue_scriptssrc\Customizer\Panel\Custom_Code.php:17

actionlogin_footersrc\Customizer\Panel\Custom_Code.php:18

filterlogin_footersrc\Customizer\Panel\Functions.php:27

filtergettextsrc\Customizer\Panel\Functions.php:29

actionlogin_headsrc\Customizer\Panel\Functions.php:32

filterlogin_headerurlsrc\Customizer\Panel\Functions.php:37

filterlogin_titlesrc\Customizer\Panel\Functions.php:45

filterlogin_headertitlesrc\Customizer\Panel\Functions.php:55

filterlogin_headertextsrc\Customizer\Panel\Functions.php:57

filterregistersrc\Customizer\Panel\Functions.php:65

filterlogin_link_separatorsrc\Customizer\Panel\Functions.php:66

filterlogin_link_separatorsrc\Customizer\Panel\Functions.php:69

actioninitsrc\Essentials.php:38

filterwpseo_exclude_from_sitemap_by_post_idssrc\Includes\Compatibility.php:35

filterwp_sitemaps_posts_query_argssrc\Includes\Compatibility.php:37

filterrank_math/sitemap/posts_to_excludesrc\Includes\Compatibility.php:41

actionadmin_initsrc\Includes\Notification.php:34

actionadmin_noticessrc\Includes\Notification.php:64

filterplugin_row_metasrc\Includes\Plugin_Meta.php:46

actionplugin_action_linkssrc\Includes\Plugin_Meta.php:47

actioninitsrc\Plugin.php:45

filterlogin_display_language_dropdownsrc\Plugin.php:97

filterlogin_display_language_dropdownsrc\Plugin.php:99

actionadmin_enqueue_scriptssrc\Settings\API.php:35

actionregister_formsrc\Settings\Features\Custom_Register_Password.php:32

filterregistration_errorssrc\Settings\Features\Custom_Register_Password.php:33

actionregister_new_usersrc\Settings\Features\Custom_Register_Password.php:34

filterwp_new_user_notification_emailsrc\Settings\Features\Custom_Register_Password.php:35

filterauthenticatesrc\Settings\Features\Login_Order.php:52

actionadmin_initsrc\Settings\Setup.php:30

actionadmin_menusrc\Settings\Setup.php:31

actionadmin_headsrc\Settings\Setup.php:75

Maintenance & Trust

Custom Login Page Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 6, 2026

PHP min version5.6

Downloads2.0M

Community Trust

Rating96/100

Number of ratings407

Active installs90K

Alternatives

Custom Login Page Customizer Alternatives

Custom Login Page | WebHunt Infotech

wp-login-page-customizer

Plugin allows you to easily customize Login Screen. You can design beautiful and eye catching login page in few minutes.

80 No CVEs

Customizer Login Page WP

customizer-login-page-wp

The Customizer Login Page plugin will help you to enable a custom login page to your WordPress website. If you want to customize your basic admin logi …

60 No CVEs

Modify Login – Custom WordPress Login URL & Login Page Designer

modify-login

100

Secure WordPress login with custom URL, protect wp-admin, and design beautiful login pages with drag & drop builder. No code required.

20 No CVEs

LoginPress | wp-login Custom Login Page Customizer

loginpress

LoginPress is a Custom Login Page Customizer plugin allows you to easily customize the layout of login, admin login, client login, register pages.

200K 6 CVEs

Custom Login Page Customizer

colorlib-login-customizer

100

Customize your WordPress login page with live preview. Change logo, background, colors, and form styling without coding.

50K No CVEs

Developer Profile

Custom Login Page Customizer Developer Profile

Adnan

11 plugins · 660K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

526 days

View full developer profile

Detection Fingerprints

How We Detect Custom Login Page Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/login-customizer/Templates/js/customizer.js/wp-content/plugins/login-customizer/Customizer/Panel/Controls/Assets/JS/alpha-control.js/wp-content/plugins/login-customizer/Customizer/Panel/Controls/Assets/CSS/alpha_control.css/wp-content/plugins/login-customizer/Customizer/Panel/Controls/Assets/JS/padding-control.js/wp-content/plugins/login-customizer/Customizer/Panel/Controls/Assets/CSS/padding-control.css

Script Paths

Version Parameters

login-customizer/Templates/js/customizer.js?ver=login-customizer/Customizer/Panel/Controls/Assets/JS/alpha-control.js?ver=login-customizer/Customizer/Panel/Controls/Assets/CSS/alpha_control.css?ver=login-customizer/Customizer/Panel/Controls/Assets/JS/padding-control.js?ver=login-customizer/Customizer/Panel/Controls/Assets/CSS/padding-control.css?ver=

HTML / DOM Fingerprints

CSS Classes

logincust-color-controllogincust-padding

Data Attributes

data-palettedata-default-color

JS Globals

logincust_freeLOGINCUST_FREE_URL

FAQ