7 matches found
EUVD-2015-6766
Malware in sbrugna...
CVE-2022-4303
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based restrictions on login forms...
Design/Logic Flaw
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based restrictions on login forms...
CVE-2015-6829
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 X-Forwarded-For or 2 Client-IP HTTP header...
Sql injection
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 X-Forwarded-For or 2 Client-IP HTTP header...
CVE-2015-6829
WP Limit Login Attempts plugin for WordPress (getip function) contains SQL injection vulnerabilities exploitable via the X-Forwarded-For and Client-IP HTTP headers. Affected versions are before 2.0.1. Consequences include arbitrary SQL execution on the database. Mitigation per connected sources i...
CVE-2015-6829
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 X-Forwarded-For or 2 Client-IP HTTP header...