93 matches found
CVE-2022-45079 WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
WordPress Plugin Loginizer 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Loginizer Plugin <= 1.7.8 is vulnerable to Cross Site Scripting (XSS)
Software Loginizer Type Plugin Vulnerable versions = 1.7.8 Fixed in 1.7.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2296 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 867402dd8b92 Credits Erwan LR WPScan Required...
Loginizer 1.7.8 - Reflected XSS
The plugin does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open a page with the code below...
CVE-2022-45084
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
CVE-2022-45084
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
CVE-2022-45084
CVE-2022-45084 affects the WordPress Softaculous/Loginizer plugin versions before 1.7.6 (i.e.,
CVE-2022-45084 WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
CVE-2022-45084 WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Softaculous Loginizer plugin = 1.7.5 versions...
WordPress plugin Loginizer 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-14592 · WordPress · Softaculous Loginizer
Name of the Vulnerable Software and Affected Versions: Softaculous Loginizer plugin versions prior to 1.7.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowi...
Loginizer < 1.7.6 - Unauthenticated Stored Cross-Site Scripting
The plugin does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
VulnCheck KEV: CVE-2020-27615
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection with resultant XSS, related to loginizerloginfailed and lzvalidip...
WordPress Loginizer log SQLi Scanner
Loginizer wordpress plugin contains an unauthenticated timebased SQL injection in versions before 1.6.4. The vulnerable parameter is in the log parameter. Wordpress has forced updates of the plugin to all servers Module Options msf use auxiliary/scanner/http/wploginizerlogsqli msf...
Loginizer Plugin for WordPress < 1.6.4 SQL Injection
The WordPress Loginizer Plugin installed on the remote host is affected by a SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
WordPress Loginizer Plugin SQL injection (CVE-2020-27615)
An SQL injection vulnerability exists in WordPress Loginizer Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
WordPress Loginizer SQL Injection Vulnerability (CNVD-2020-58768)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Loginizer is the open source and free violence login protection plugin used in it. WordPress Loginizer version before 1.6.4 suffers fro...
WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615)
The Loginizer Plugin for WordPress running on the remote web server is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this issue to inject or manipulate SQL queries in the back-end database, resulting ...
CVE-2020-27615
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection with resultant XSS, related to loginizerloginfailed and lzvalidip...