Loginizer

CVEs (4)

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-12650	Cri	0.64	9.8	0.01	Aug 7, 2017	SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header.
CVE-2017-12651	Hig	0.57	8.8	0.00	Aug 7, 2017	Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked.
CVE-2022-45084	Med	0.41	6.3	0.00	Apr 24, 2023	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
CVE-2022-45079	Med	0.31	4.7	0.00	May 22, 2023	Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.

CVE-2017-12650CriAug 7, 2017
risk 0.64cvss 9.8epss 0.01
SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header.
CVE-2017-12651HigAug 7, 2017
risk 0.57cvss 8.8epss 0.00
Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked.
CVE-2022-45084MedApr 24, 2023
risk 0.41cvss 6.3epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
CVE-2022-45079MedMay 22, 2023
risk 0.31cvss 4.7epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.