Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbBartlomiej MarekWPVDB-ID:7EAE1434-8C7A-4291-912D-A4A07B73EE56
HistorySep 21, 2023 - 12:00 a.m.

DoLogin Security < 3.7.1 - Subscriber+ IP Address leak

2023-09-2100:00:00
Bartlomiej Marek
wpscan.com
6
dologin security
ip address
leak
low privileged users
plugin

EPSS

0.001

Percentile

21.4%

JSON

Description The plugin does not restrict the access of a widget that shows the IPs of failed logins to low privileged users.

PoC

Just login to subscriber account and go to: http://localhost/wp-admin/index.php#log

Related

cve 1
cvelist 1
nvd 1
wpexploit 1
prion 1
cve
cve
CVE-2023-4800
2023-10-16 20:15:16
cvelist
cvelist
CVE-2023-4800 DoLogin Security < 3.7.1 - Subscriber+ IP Address leak
2023-10-16 19:39:19
nvd
nvd
CVE-2023-4800
2023-10-16 20:15:16
wpexploit
wpexploit
DoLogin Security < 3.7.1 - Subscriber+ IP Address leak
2023-09-21 00:00:00
prion
prion
Code injection
2023-10-16 20:15:00

EPSS

0.001

Percentile

21.4%

JSON
Related for WPVDB-ID:7EAE1434-8C7A-4291-912D-A4A07B73EE56
cve1cvelist1nvd1wpexploit1prion1