Dologin Security Security Vulnerabilities and Issues — Dologin Security CVE List

Lucene search

WpdoDologin Security

4 matches found

CVE•added 2025/01/02 12:15 p.m.•71 views

CVE-2023-46608

Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through 3.7.1.

5.3CVSS5.4AI score0.00096EPSS

CVE•added 2023/09/25 4:15 p.m.•48 views

CVE-2023-4631

The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing.

5.3CVSS5.2AI score0.01899EPSS

CVE•added 2023/09/25 4:15 p.m.•46 views

CVE-2023-4549

The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by attackers to conduct Stored XSS attacks via WordPress' login form.

6.1CVSS6.1AI score0.01234EPSS

CVE•added 2023/10/16 8:15 p.m.•35 views

CVE-2023-4800

The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users.

6.5CVSS6.3AI score0.09604EPSS