Medium severity5.4NVD Advisory· Published May 15, 2025· Updated Jun 17, 2026
CVE-2023-6030
CVE-2023-6030
Description
The LogDash Activity Log WordPress plugin before 1.1.4 hooks the wp_login_failed function (from src/Hooks/Users.php) in order to log failed login attempts to the database but it doesn't escape the username when it perform some SQL request leading to a SQL injection vulnerability which can be exploited using time-based technique by unauthenticated attacker
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.1.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/b658e403-006c-4555-b1b2-3603e44f4411/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.