Lucene search
K
Limit Login Attempts ProjectLimit Login Attempts

5 matches found

CVE
CVE
added 2022/03/28 5:23 p.m.154 views

CVE-2022-0787

CVE-2022-0787 affects the WordPress plugin Limit Login Attempts (Spam Protection) prior to version 5.1. The issue is that certain parameters are not sanitized/escaped before being used in SQL statements inside unauthenticated AJAX actions, enabling SQL injection. The impact is unauthenticated acc...

9.8CVSS9.7AI score0.08852EPSS
Web
CVE
CVE
added 2023/05/02 7:4 a.m.91 views

CVE-2023-1861

CVE-2023-1861 affects the Limit Login Attempts WordPress plugin (versions

5.4CVSS5.4AI score0.28799EPSS
Web
CVE
CVE
added 2023/04/06 2:37 p.m.74 views

CVE-2023-1912

The CVE-2023-1912 entry concerns the WordPress plugin Limit Login Attempts . It describes a Stored Cross-Site Scripting (XSS) vulnerability in versions up to and including 1.7.1, caused by insufficient input sanitization and output escaping in the lock-logging feature. The flaw can allow unauthen...

7.2CVSS5.8AI score0.00789EPSS
Web
CVE
CVE
added 2021/09/20 10:6 a.m.46 views

CVE-2021-24657

The CVE-2021-24657 entry concerns the Limit Login Attempts WordPress plugin prior to version 4.0.50. The issue is an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability caused by not escaping IP addresses, which can be controlled by an attacker via headers such as X-Forwarded-For, bef...

6.1CVSS6AI score0.0157EPSS
Web
CVE
CVE
added 2021/01/06 2:40 p.m.39 views

CVE-2012-10001

The CVE-2012-10001 entry concerns the WordPress plugin Limit Login Attempts (before 1.7.1). The vulnerability arises because the plugin does not clear authentication cookies when a lockout occurs, potentially allowing remote attackers to continue brute-forcing authentication attempts. Affected co...

9.8CVSS9.5AI score0.02504EPSS