Title: Plugin vulnerability
Last modified: October 31, 2025

---

# Plugin vulnerability

 *  Resolved [at1950](https://wordpress.org/support/users/at1950/)
 * (@at1950)
 * [7 months, 1 week ago](https://wordpress.org/support/topic/plugin-vulnerability-45/)
 * I get this message from “Security by CleanTalk”:
 * **[melapress-login-security](https://ehama.org/wp-admin/plugins.php#melapress-login-security-spbc-anchor)**
   of version (0.0 > 2.2.0) contains [CVE-2025-6895](https://research.cleantalk.org/reports/app/melapress-login-security#211876).
   Updating the plugin to a version higher than 2.2.0 is strongly recommended.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Support [robertabela](https://wordpress.org/support/users/robert681/)
 * (@robert681)
 * [7 months, 1 week ago](https://wordpress.org/support/topic/plugin-vulnerability-45/#post-18702959)
 * Thank you for posting about this [@at1950](https://wordpress.org/support/users/at1950/)
 * The information on the Cleantalk website is wrong. The plugin versions up to 
   version 2.1.1 were vulnerable. Version 2.2.0 was the release with the fix. Refer
   to the [CVE-2025-6895 report on the Patchstack website](https://patchstack.com/database/wordpress/plugin/melapress-login-security/vulnerability/wordpress-melapress-login-security-plugin-2-1-0-2-1-1-authentication-bypass-to-privilege-escalation-via-get-valid-user-based-on-token-function)
   for more details.
 * I hope this helps. Should you have any other questions, please do not hesitate
   to ask.
 * Have a great day.
 *  Thread Starter [at1950](https://wordpress.org/support/users/at1950/)
 * (@at1950)
 * [7 months, 1 week ago](https://wordpress.org/support/topic/plugin-vulnerability-45/#post-18703067)
 * Thank you for clarifying [@robert681](https://wordpress.org/support/users/robert681/)–
   That is good to know…
 *  Plugin Support [robertabela](https://wordpress.org/support/users/robert681/)
 * (@robert681)
 * [7 months, 1 week ago](https://wordpress.org/support/topic/plugin-vulnerability-45/#post-18703490)
 * You’re welcome [@at1950](https://wordpress.org/support/users/at1950/)
 * If you find the plugin useful, please do not forget to spare a minute to [**rate the plugin**](https://wordpress.org/support/plugin/melapress-login-security/reviews/).
   These ratings help other users and the plugin.
 * Thanks and have a great weekend.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Plugin vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/melapress-login-security/assets/icon-256x256.png?rev=3328142)
 * [Melapress Login Security](https://wordpress.org/plugins/melapress-login-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/melapress-login-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/melapress-login-security/)
 * [Active Topics](https://wordpress.org/support/plugin/melapress-login-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/melapress-login-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/melapress-login-security/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [robertabela](https://wordpress.org/support/users/robert681/)
 * Last activity: [7 months, 1 week ago](https://wordpress.org/support/topic/plugin-vulnerability-45/#post-18703490)
 * Status: resolved