Loginizer
by Loginizer
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12650 | Cri | 0.64 | 9.8 | 0.02 | Aug 7, 2017 | SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | ||
| CVE-2017-12651 | Hig | 0.57 | 8.8 | 0.01 | Aug 7, 2017 | Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked. | ||
| CVE-2022-45084 | Med | 0.41 | 6.3 | 0.00 | Apr 24, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. | ||
| CVE-2023-2296 | Med | 0.40 | 6.1 | 0.00 | May 30, 2023 | The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||
| CVE-2022-45079 | Med | 0.31 | 4.7 | 0.00 | May 22, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. |
- risk 0.64cvss 9.8epss 0.02
SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header.
- risk 0.57cvss 8.8epss 0.01
Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked.
- risk 0.41cvss 6.3epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
- risk 0.40cvss 6.1epss 0.00
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
- risk 0.31cvss 4.7epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.