5 matches found
WordPress Limit Login Attempts Plugin <= 5.3 is vulnerable to Bypass Vulnerability
Software: Limit Login Attempts; Type: Plugin; Vulnerable versions: <= 5.3; Fixed in: 5.4; OWASP Top 10: A4: Insecure Design; Classification: Bypass Vulnerability; CVE: CVE-2022-4534; Patch priority: Low; CVSS severity: Low 5.3; PSID: 03e4ff962fd9; Credits: rezaduty; Required privilege: Publishe...
Code injection
Low-privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9 to install any plugin, including a specific version, from the WordPress repository, as well as activate an arbitrary plugin from the blog...
CVE-2021-24194 Login Protection - Limit Failed Login Attempts < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User
Low-privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9 to install any plugin, including a specific version, from the WordPress repository, as well as activate an arbitrary plugin from the blog...
WordPress Login Protection – Limit Failed Login Attempts plugin <= 2.8 - Arbitrary Plugin Installation and Activation vulnerability
Arbitrary Plugin Installation and Activation vulnerability discovered by Bugbang in WordPress Login Protection – Limit Failed Login Attempts plugin versions <= 2.8. Solution: Update the WordPress Login Protection – Limit Failed Login Attempts plugin to the latest available version (at least 2.9)...
Business Objects WebIntelligence 6.5x Account Lockout and System DoS
Computer Sciences Corporation Security Advisory December 14, 2005 Summary: CSC have discovered an issue that could impact upon the availability and security of servers operating Business Objects WebIntelligence software. If a remote malicious attacker is able to access authentication mechanisms...