Login Protection - Limit Failed Login Attempts Security Vulnerabilities and Issues — Login Protection - Limit Failed Login Attempts CVE List

Lucene search

Wp-buyLogin Protection - Limit Failed Login Attempts

3 matches found

cve•added 2021/05/14 12:15 p.m.•48 views

CVE-2021-24194

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from the...

8.8CVSS8.8AI score0.00626EPSS

cve•added 2024/10/08 9:15 a.m.•38 views

CVE-2022-4534

The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.3. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can suppl...

5.3CVSS5.6AI score0.00075EPSS

cve•added 2024/12/13 3:15 p.m.•38 views

CVE-2024-54234

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wp-buy Limit Login Attempts allows SQL Injection.This issue affects Limit Login Attempts: from n/a through 5.5.

9.3CVSS9.6AI score0.0015EPSS