Lucene search
+L

5 matches found

Packet Storm
Packet Storm
added 2023/04/12 12:0 a.m.326 views

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting

On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed...

6.7AI score0.00789EPSS
Exploits3
0day.today
0day.today
added 2023/04/12 12:0 a.m.415 views

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting Vulnerability

WordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability. On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin...

7.2CVSS6.7AI score0.00789EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2023/04/11 4:29 p.m.20 views

Update Now! Severe Vulnerability Impacting 600,000 Sites Patched in Limit Login Attempts

On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed...

6.8AI score0.00789EPSS
Exploits3
Patchstack
Patchstack
added 2023/04/07 12:0 a.m.15 views

WordPress Limit Login Attempts Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Limit Login Attempts Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1912 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 8be93eea7b1c Credits Marco Wotschka...

7.2CVSS5.9AI score0.00789EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2023/04/06 2:37 p.m.74 views

CVE-2023-1912

The CVE-2023-1912 entry concerns the WordPress plugin Limit Login Attempts . It describes a Stored Cross-Site Scripting (XSS) vulnerability in versions up to and including 1.7.1, caused by insufficient input sanitization and output escaping in the lock-logging feature. The flaw can allow unauthen...

7.2CVSS5.8AI score0.00789EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder