CVE-2023-50858

Cross-Site Request Forgery CSRF vulnerability in Bill Minozzi Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan.This issue affects Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan: from n/a through 4.34...

CVE-2023-50837

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06...

WordPress Login Lockdown & Protection plugin <= 2.14 - IP Block Bypass vulnerability

IP Block Bypass vulnerability discovered by William Cooke - Modux in WordPress Plugin Login Lockdown versions = 2.14...

CVE-2025-11707

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

EUVD-2025-203209

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

CVE-2025-11707

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

CVE-2025-11707

CVE-2025-11707 – Login Lockdown & Protection (WordPress) : A vulnerability in all versions up to and including 2.14 allows unauthenticated attackers who have access to an admin email to generate valid unblock keys for their IP, bypassing IP blocks after failed logins due to insufficient randomnes...

CVE-2025-11707 Login Lockdown & Protection <= 2.14 - IP Block Bypass

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

WordPress plugin Login Lockdown & Protection 安全特征问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security feature issue...

PT-2025-51054

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

EUVD-2024-17097

Malicious code in bioql PyPI...

EUVD-2025-13666

Malicious code in bioql PyPI...

EUVD-2023-55570

Malicious code in bioql PyPI...

CVE-2024-1860

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackeraddwhitelist function in all versions up to, and including, 4.51. This makes it...

CVE-2025-3766

The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajaxruntool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2025-3766

The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajaxruntool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2025-3766 Login Lockdown & Protection <= 2.11 - Missing Authorization to Authenticated (Subscriber+) Arbitrary IP Whitelisting

The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajaxruntool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

PT-2025-20017 · WordPress · Login Lockdown & Protection

Name of the Vulnerable Software and Affected Versions: Login Lockdown & Protection plugin for WordPress versions up to, and including, 2.11 Description: The issue is related to unauthorized nonce access due to a missing capability check on the ajax run tool function. This allows authenticated...

CVE-2024-1340

The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generateexportfile function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and...

CVE-2024-1340

The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generateexportfile function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and...