WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection with resultant XSS, related to loginizerloginfailed and lzvalidip. id: CVE-2020-27615 info: name: WordPress Loginizer 1.6.4 – Unauthenticated SQL Injection via log Parameter author: intelligent-ears severity: critical descriptio...