VYPR

Login Lockdown

by WordPress

Source repositories

CVEs (4)

  • CVE-2023-50837HigDec 29, 2023
    risk 0.49cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06.

  • CVE-2024-1340MedFeb 29, 2024
    risk 0.35cvss 5.4epss 0.00

    The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with…

  • CVE-2025-11707MedDec 13, 2025
    risk 0.34cvss 5.3epss 0.00

    The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock_key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate…

  • CVE-2025-3766MedMay 7, 2025
    risk 0.28cvss 5.4epss 0.00

    The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajax_run_tool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level…