Limit_login_attempts_project Limit_login_attempts

5 CVEs affecting Limit_login_attempts_project Limit_login_attempts. Latest disclosed: 2023-05-02. Critical: 2, High: 1.

Top CVEs affecting Limit_login_attempts_project Limit_login_attempts
CVESeverityScorePublishedSummary
CVE-2022-0787Critical9.82022-03-28The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJA…
CVE-2012-10001Critical9.82021-01-06The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to condu…
CVE-2023-1912High7.22023-04-06The Limit Login Attempts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lock logging feature in versions up to, and including, 1.7.1…
CVE-2021-24657Medium6.12021-09-20The Limit Login Attempts WordPress plugin before 4.0.50 does not escape the IP addresses (which can be controlled by attacker via headers such as X-Forwarded-F…
CVE-2023-1861Medium5.42023-05-02The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could all…