WP-Safety

Custom Login Page Customizer – Login Designer Security & Risk Analysis

wordpress.org/plugins/login-designer

Login Designer is the best way to style a custom login page for your WordPress login, register and forgot password forms, right from the live-action W …

30K active installs v1.6.10 PHP 5.2.4+ WP 4.7+ Updated Nov 11, 2025
custom-logincustomize-wordpress-logincustomizerloginwordpress-login
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Custom Login Page Customizer – Login Designer Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Login Page Customizer – Login Designer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "login-designer" plugin exhibits a generally strong security posture, with good practices in place like the high percentage of prepared SQL statements and properly escaped outputs. The absence of recorded vulnerabilities and critical taint flows is a significant positive indicator. However, the presence of one AJAX handler without authentication checks represents a tangible risk. While the attack surface is relatively small and most entry points are secured, this single unprotected handler could potentially be exploited for unauthorized actions or information disclosure if it handles user-supplied data without proper validation.

While the vulnerability history is clean, suggesting the developers are responsive to security, the single unprotected AJAX endpoint remains a concern. This indicates a potential oversight in securing all entry points. The overall security is good due to the extensive use of prepared statements and output escaping, along with no known CVEs. However, the single unprotected AJAX handler prevents a perfect score and necessitates attention.

Key Concerns

  • AJAX handler without authentication checks
Vulnerabilities
None known

Custom Login Page Customizer – Login Designer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Custom Login Page Customizer – Login Designer Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
10 prepared
Unescaped Output
17
292 escaped
Nonce Checks
8
Capability Checks
7
File Operations
4
External Requests
4
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

91% prepared11 total queries

Output Escaping

94% escaped309 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
login_designer_import_json (includes\class-login-designer-features.php:383)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Custom Login Page Customizer – Login Designer Attack Surface

Entry Points9
Unprotected1

AJAX Handlers 8

authwp_ajax_get_logo_infoincludes\class-login-designer-customizer-output.php:29
authwp_ajax_login_designer_import_jsonincludes\class-login-designer-features.php:43
authwp_ajax_login_designer_recaptcha_v3includes\class-login-designer-features.php:55
authwp_ajax_login_designer_validate_recaptcha_v2includes\class-login-designer-features.php:56
authwp_ajax_login_designer_localize_google_fontsincludes\class-login-designer-features.php:62
noprivwp_ajax_login_designer_localize_google_fontsincludes\class-login-designer-features.php:63
authwp_ajax_post_smtp_requestincludes\post-smtp-notice\recommend-post-smtp-base.php:39
noprivwp_ajax_post_smtp_requestincludes\post-smtp-notice\recommend-post-smtp-base.php:40

REST API Routes 1

POST/wp-json/recommend-post-smtp/requestincludes\post-smtp-notice\recommend-post-smtp-admin-notice.php:160
WordPress Hooks 78
actionadmin_initincludes\admin\class-login-designer-feedback.php:73
actionadmin_initincludes\admin\class-login-designer-feedback.php:74
actionadmin_noticesincludes\admin\class-login-designer-feedback.php:151
actionadmin_noticesincludes\admin\class-login-designer-notices.php:29
actioncustomize_preview_initincludes\class-login-designer-brand.php:26
actioncustomize_preview_initincludes\class-login-designer-brand.php:27
actionlogin_body_classincludes\class-login-designer-brand.php:28
actionlogin_enqueue_scriptsincludes\class-login-designer-brand.php:37
actionlogin_footerincludes\class-login-designer-brand.php:38
actionlogin_footerincludes\class-login-designer-brand.php:39
actionwp_footerincludes\class-login-designer-brand.php:51
actionwp_footerincludes\class-login-designer-brand.php:52
actionlogin_headincludes\class-login-designer-customizer-output.php:25
actionlogin_enqueue_scriptsincludes\class-login-designer-customizer-output.php:26
actionlogin_enqueue_scriptsincludes\class-login-designer-customizer-output.php:27
filterwp_resource_hintsincludes\class-login-designer-customizer-output.php:28
filtergettextincludes\class-login-designer-customizer-output.php:37
filtergettextincludes\class-login-designer-customizer-output.php:38
actioncustomize_controls_print_stylesincludes\class-login-designer-customizer-scripts.php:27
actioncustomize_preview_initincludes\class-login-designer-customizer-scripts.php:28
actionlogin_enqueue_scriptsincludes\class-login-designer-customizer-scripts.php:29
actioncustomize_controls_enqueue_scriptsincludes\class-login-designer-customizer-scripts.php:30
actioncustomize_controls_enqueue_scriptsincludes\class-login-designer-customizer-scripts.php:31
actioncustomize_controls_enqueue_scriptsincludes\class-login-designer-customizer-scripts.php:32
actionwp_footerincludes\class-login-designer-customizer-scripts.php:33
actionbody_classincludes\class-login-designer-customizer.php:24
actionlogin_body_classincludes\class-login-designer-customizer.php:25
actioncustomize_registerincludes\class-login-designer-customizer.php:26
actionlogin_headincludes\class-login-designer-features.php:28
actionlogin_footerincludes\class-login-designer-features.php:31
actionlogin_headincludes\class-login-designer-features.php:32
actionlogin_footerincludes\class-login-designer-features.php:34
filterlogin_errorsincludes\class-login-designer-features.php:38
actionadmin_enqueue_scriptsincludes\class-login-designer-features.php:42
actionlogin_formincludes\class-login-designer-features.php:58
filterwp_authenticate_userincludes\class-login-designer-features.php:59
actionlogin_enqueue_scriptsincludes\class-login-designer-features.php:60
actionlogin_headertextincludes\class-login-designer-frontend-settings.php:25
actionlogin_headerurlincludes\class-login-designer-frontend-settings.php:26
filterlogin_messageincludes\class-login-designer-frontend-settings.php:27
actionlogin_enqueue_scriptsincludes\class-login-designer-intro.php:32
actioncustomize_preview_initincludes\class-login-designer-intro.php:33
actionafter_setup_themeincludes\class-login-designer-password-protected.php:19
actionpassword_protected_enqueue_scriptsincludes\class-login-designer-password-protected.php:20
filterpassword_protected_login_password_titleincludes\class-login-designer-password-protected.php:21
filterpassword_protected_login_headerurlincludes\class-login-designer-password-protected.php:22
actionlogin_body_classincludes\class-login-designer-templates.php:27
actionbody_classincludes\class-login-designer-templates.php:28
actionlogin_enqueue_scriptsincludes\class-login-designer-templates.php:29
actioncustomize_preview_initincludes\class-login-designer-templates.php:30
filterlogin_designer_control_localizationincludes\class-login-designer-templates.php:31
actionlogin_footerincludes\class-login-designer-templates.php:35
filterwp_insert_post_dataincludes\class-login-designer-theme-template.php:52
filtertemplate_includeincludes\class-login-designer-theme-template.php:55
actionlogin_headincludes\class-login-designer-theme-template.php:58
actionplugins_loadedincludes\class-login-designer-theme-template.php:144
filterwpseo_exclude_from_sitemap_by_post_idsincludes\filters.php:8
filterrank_math/sitemap/posts_to_excludeincludes\filters.php:25
actionwpmu_new_blogincludes\install.php:171
actionafter_setup_themeincludes\migration.php:50
actionadmin_enqueue_scriptsincludes\post-smtp-notice\recommend-post-smtp-admin-notice.php:52
actionadmin_headincludes\post-smtp-notice\recommend-post-smtp-admin-notice.php:53
actionadmin_post_hide-post-smtp-recommendation-noticeincludes\post-smtp-notice\recommend-post-smtp-admin-notice.php:54
actionrest_api_initincludes\post-smtp-notice\recommend-post-smtp-admin-notice.php:55
actionrest_api_initincludes\post-smtp-notice\recommend-post-smtp-base.php:36
actionadmin_enqueue_scriptsincludes\post-smtp-notice\recommend-post-smtp-base.php:43
actionadmin_headincludes\post-smtp-notice\recommend-post-smtp-base.php:44
actionadmin_menuincludes\post-smtp-notice\recommend-post-smtp-base.php:57
actionadmin_menuincludes\post-smtp-notice\recommend-post-smtp-base.php:61
actionlogin_headincludes\template-login-designer.php:45
actionadmin_initlogin-designer.php:134
actionadmin_initlogin-designer.php:135
actionadmin_initlogin-designer.php:136
actionadmin_menulogin-designer.php:137
actionadmin_bar_menulogin-designer.php:138
filterplugin_row_metalogin-designer.php:139
filterplugin_row_metalogin-designer.php:140
actioninitlogin-designer.php:142
Maintenance & Trust

Custom Login Page Customizer – Login Designer Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 11, 2025
PHP min version5.2.4
Downloads450K

Community Trust

Rating96/100
Number of ratings150
Active installs30K
Alternatives

Custom Login Page Customizer – Login Designer Alternatives

Custom Login Page | WebHunt Infotech

Custom Login Page | WebHunt Infotech

wp-login-page-customizer

A
85

Plugin allows you to easily customize Login Screen. You can design beautiful and eye catching login page in few minutes.

80 No CVEs
LoginPress | wp-login Custom Login Page Customizer

LoginPress | wp-login Custom Login Page Customizer

loginpress

A
94

LoginPress is a Custom Login Page Customizer plugin allows you to easily customize the layout of login, admin login, client login, register pages.

200K 6 CVEs
Admin Custom Login

Admin Custom Login

admin-custom-login

A
98

Customize Your WordPress Login Screen Amazingly - Add Own Logo, Add Social Profiles, Login Form Positions, Background Image Slide Show

20K 2 CVEs
Login Page Styler – Custom WordPress Login Page Customizer & Security

Login Page Styler – Custom WordPress Login Page Customizer & Security

login-page-styler

A
97

Customize and secure your WordPress login page with logo, backgrounds, templates, custom login URL, reCAPTCHA protection, and login activity logs — no …

3K 3 CVEs
Loginfy – Custom Login Page Customizer plugin

Loginfy – Custom Login Page Customizer plugin

loginfy

A
100

Custom login page customizer for WordPress. 16+ templates, live preview, white-label options. Perfect for agencies, businesses & freelancers brand …

2K No CVEs
Developer Profile

Custom Login Page Customizer – Login Designer Developer Profile

Saad Iqbal

84 plugins · 1.4M total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
287 days
View full developer profile
Detection Fingerprints

How We Detect Custom Login Page Customizer – Login Designer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/login-designer/css/login-designer-admin.css/wp-content/plugins/login-designer/css/login-designer-public.css/wp-content/plugins/login-designer/js/admin/login-designer-admin.js/wp-content/plugins/login-designer/js/login-designer-public.js
Script Paths
/wp-content/plugins/login-designer/js/admin/login-designer-admin.js/wp-content/plugins/login-designer/js/login-designer-public.js
Version Parameters
login-designer/css/login-designer-admin.css?ver=login-designer/css/login-designer-public.css?ver=login-designer/js/admin/login-designer-admin.js?ver=login-designer/js/login-designer-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
login-designer-admin-wraplogin-designer-header-wraplogin-designer-settingslogin-designer-customize-titlelogin-designer-customize-wrap
Data Attributes
data-login-designer-id
JS Globals
LoginDesignerAdminLoginDesignerPublic
FAQ

Frequently Asked Questions about Custom Login Page Customizer – Login Designer