The method in which 2FA back-up code authentication is handled by the plugin makes it possible for attackers to log in if they are able to brute force a back-up code for a user or compromise it via other means such as SQL Injection.
CPE | Name | Operator | Version |
---|---|---|---|
sg-security | lt | 1.2.6 |