Known Vulnerabilities for products from Limit Login Attempts Project
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Limit Login Attempts Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-1912 json | The Limit Login Attempts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lock logging feature in ve... | Not Provided | 2023-04-06 | 2026-04-08 |
| CVE-2023-1861 json | The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in t... | 5.4 - MEDIUM | 2023-05-02 | 2023-11-07 |
| CVE-2022-0787 json | The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before us... | 9.8 - CRITICAL | 2022-03-28 | 2022-04-04 |
| CVE-2021-24657 json | The Limit Login Attempts WordPress plugin before 4.0.50 does not escape the IP addresses (which can be controlled by attacker... | 6.1 - MEDIUM | 2021-09-20 | 2021-10-01 |
| CVE-2012-10001 json | The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it ea... | 9.8 - CRITICAL | 2021-01-06 | 2021-01-08 |
Known software with vulnerabilities from Limit Login Attempts Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Limit Login Attempts Project | Limit Login Attempts | 1.0 |