93 matches found
WordPress Loginizer plugin <= 1.9.2 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Loginizer versions = 1.9.2...
WordPress Loginizer Plugin <= 1.9.2 is vulnerable to Broken Authentication
Software Loginizer Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 240cee809d7c Credits wesley wcraf...
WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication
Software Loginizer Security Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 39d130db7003 Credits...
PT-2024-16024 · WordPress · Loginizer
Name of the Vulnerable Software and Affected Versions: Loginizer Security and Loginizer plugins for WordPress versions up to, and including, 1.9.2 Description: The issue is due to insufficient verification on the user being returned by the social login token, making it possible for unauthenticate...
WordPress Loginizer Log SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Loginizer log SQLi Scanner', 'Description' = %q Loginizer wordpress plugin contains an unauthenticated timebased SQL injection in...
WordPress Loginizer Plugin < 1.7.9 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:loginizer:loginizer"; if description...
WordPress Loginizer Plugin < 1.7.6 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:loginizer:loginizer"; if description...
CVE-2023-2296
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2296
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2296 Loginizer 1.7.8 - Reflected XSS
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2296
The CVE-2023-2296 entry concerns the WordPress Loginizer plugin before version 1.7.9. The vulnerability is a reflected XSS caused by not escaping a parameter before outputting it in the page, which could be exploited against high-privilege users such as admins. Affected component: Loginizer plugi...
CVE-2023-2296 Loginizer 1.7.8 - Reflected XSS
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Loginizer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
PT-2023-18801 · WordPress · Loginizer
Name of the Vulnerable Software and Affected Versions: Loginizer WordPress plugin versions prior to 1.7.9 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly escaped before being outputted back in the page. This could be...
CVE-2022-45079
Cross-Site Request Forgery CSRF vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
CVE-2022-45079
Cross-Site Request Forgery CSRF vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
CVE-2022-45079
CVE-2022-45079 is a CSRF vulnerability in the WordPress Loginizer/Softaculous Loginizer plugin family, affecting versions up to 1.7.5 and rated high in CVSS (8.8). The issue is documented across multiple feeds (NVD/Red Hat/CVE.org) as a Cross-Site Request Forgery in this plugin. OpenVAS references
CVE-2022-45079 WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...