Severity
Medium
Analysis Summary
CVE-2025-46535 CVSS:5.4
Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0.
CVE-2025-46482 CVSS:6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz allows Stored XSS.This issue affects WP Quiz: from n/a through 2.0.10.
Impact
- Gain Access
- Cross-site Scripting
Indicators of Compromise
CVE
CVE-2025-46535
CVE-2025-46482
Affected Vendors
- WordPress
Affected Products
- AlphaEfficiencyTeam Custom Login and Registration - n/a
- MyThemeShop WP Quiz - n/a
Remediation
Upgrade to the latest version for WordPress, available from the WordPress Plugin Directory.