Vendor
Loginizer
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12650 | Cri | 0.64 | 9.8 | 0.01 | Aug 7, 2017 | SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | |
| CVE-2017-12651 | Hig | 0.57 | 8.8 | 0.00 | Aug 7, 2017 | Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked. | |
| CVE-2022-45084 | Med | 0.41 | 6.3 | 0.00 | Apr 24, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. | |
| CVE-2022-45079 | Med | 0.31 | 4.7 | 0.00 | May 22, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. |
- risk 0.64cvss 9.8epss 0.01
SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header.
- risk 0.57cvss 8.8epss 0.00
Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked.
- risk 0.41cvss 6.3epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
- risk 0.31cvss 4.7epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.