WP-Safety

WP Custom Login Security & Risk Analysis

wordpress.org/plugins/wp-custom-login

Requires at least: 3.2.1 Tested up to: 4.6 Stable tag: 1.4.9 Adding the header and footer to your login page.

300 active installs v1.4.9 PHP + WP + Updated Jul 8, 2016
custom-logincustom-pageheaderloginlogin-page
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WP Custom Login Safe to Use in 2026?

Generally Safe

Score 85/100

WP Custom Login has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

Based on the provided static analysis, the "wp-custom-login" plugin v1.4.9 exhibits a strong security posture. The analysis indicates a complete absence of exploitable entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication checks. Furthermore, the code demonstrates excellent secure coding practices, with no dangerous functions, all SQL queries using prepared statements, and all outputs being properly escaped. There are also no observed file operations or external HTTP requests, and importantly, no nonce or capability checks were detected, which is a concern in a typical WordPress plugin but seems to be a deliberate design choice in this case, likely due to the lack of interactive endpoints.

Key Concerns

  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

WP Custom Login Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Custom Login Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

WP Custom Login Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
actionlogin_headwp-custom-login.php:15
actionlogin_headwp-custom-login.php:32
actionlogin_footerwp-custom-login.php:41
Maintenance & Trust

WP Custom Login Maintenance & Trust

Maintenance Signals

WordPress version tested
Last updatedJul 8, 2016
PHP min version
Downloads43K

Community Trust

Rating90/100
Number of ratings17
Active installs300
Alternatives

WP Custom Login Alternatives

Custom Login Css

Custom Login Css

custom-login-css

A
85

Adding the header and footer to your login page.

400 No CVEs
Custom Login Page Customizer

Custom Login Page Customizer

login-customizer

A
94

Custom Login Customizer allows you to easily customize your admin login page, straight from your WordPress Customizer!

90K 1 CVE
Custom Login Page Customizer

Custom Login Page Customizer

colorlib-login-customizer

A
100

Customize your WordPress login page with live preview. Change logo, background, colors, and form styling without coding.

50K No CVEs
Admin Custom Login

Admin Custom Login

admin-custom-login

A
98

Customize Your WordPress Login Screen Amazingly - Add Own Logo, Add Social Profiles, Login Form Positions, Background Image Slide Show

20K 2 CVEs
Branda – White Label & Branding, Free Login Page Customizer

Branda – White Label & Branding, Free Login Page Customizer

branda-white-labeling

A
89

White label & rebrand your login page & WordPress dashboard. Customize system emails & get everything to rebrand WordPress with Branda.

20K 7 CVEs
Developer Profile

WP Custom Login Developer Profile

Ninos

3 plugins · 440 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Custom Login

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-custom-login/wp-custom-login.css

HTML / DOM Fingerprints

JS Globals
wp_custom_login_remove_element
FAQ

Frequently Asked Questions about WP Custom Login