Limit Login Attempts Project
Products
1- 5 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-1912 | Hig | 0.47 | 7.2 | 0.01 | Apr 6, 2023 | The Limit Login Attempts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lock logging feature in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to… | ||
| CVE-2022-4532 | Med | 0.42 | 6.5 | 0.00 | Aug 17, 2024 | The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions.… | ||
| CVE-2022-4533 | Med | 0.34 | 5.3 | 0.00 | Sep 19, 2024 | The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers… | ||
| CVE-2022-4534 | Med | 0.27 | 5.3 | 0.00 | Oct 8, 2024 | The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.3. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions.… |
- risk 0.47cvss 7.2epss 0.01
The Limit Login Attempts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lock logging feature in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to…
- risk 0.42cvss 6.5epss 0.00
The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions.…
- risk 0.34cvss 5.3epss 0.00
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers…
- risk 0.27cvss 5.3epss 0.00
The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.3. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions.…