Critical severity9.8NVD Advisory· Published Oct 21, 2020· Updated Jun 17, 2026
CVE-2020-27615
CVE-2020-27615
Description
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Loginizerdescription
Patches
Vulnerability mechanics
References
4- plugins.trac.wordpress.org/changeset/2401010/loginizernvdPatchThird Party Advisory
- wpdeeply.com/loginizer-before-1-6-4-sqli-injection/nvdExploitThird Party Advisory
- wpscan.com/vulnerability/10441nvdThird Party Advisory
- www.zdnet.com/article/wordpress-deploys-forced-security-update-for-dangerous-bug-in-popular-plugin/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.