9.7 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.7%
The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts.
wordpress.org/plugins/limit-login-attempts/#developers