Lucene search
K

5 matches found

0day.today
0day.today
added 2023/04/12 12:0 a.m.414 views

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting Vulnerability

WordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability. On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin...

7.2CVSS6.7AI score0.00789EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/12 12:0 a.m.326 views

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting

On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed...

6.7AI score0.00789EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2023/04/11 4:29 p.m.20 views

Update Now! Severe Vulnerability Impacting 600,000 Sites Patched in Limit Login Attempts

On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed...

6.8AI score0.00789EPSS
Exploits3
Patchstack
Patchstack
added 2023/04/07 12:0 a.m.15 views

WordPress Limit Login Attempts Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Limit Login Attempts Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1912 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8be93eea7b1c Credits Marco Wotschka...

7.2CVSS5.9AI score0.00789EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2023/04/06 2:37 p.m.74 views

CVE-2023-1912

The CVE-2023-1912 entry concerns the WordPress plugin Limit Login Attempts . It describes a Stored Cross-Site Scripting (XSS) vulnerability in versions up to and including 1.7.1, caused by insufficient input sanitization and output escaping in the lock-logging feature. The flaw can allow unauthen...

7.2CVSS5.8AI score0.00789EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder