Known Vulnerabilities for products from Loginizer

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Loginizer".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-2296 json The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a R... 6.1 - MEDIUM 2023-05-30 2023-11-07
CVE-2022-45084 json Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. Not Provided 2023-04-24 2026-04-28
CVE-2022-45079 json Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. Not Provided 2023-05-22 2026-04-28
CVE-2020-27615 json The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed ... 9.8 - CRITICAL 2020-10-21 2020-10-23
CVE-2018-11366 json init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) beca... 6.1 - MEDIUM 2018-05-22 2018-06-26
CVE-2017-12651 json Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before ... Not Provided 2017-08-07 2025-04-20
CVE-2017-12650 json SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. Not Provided 2017-08-07 2025-04-20

Known software with vulnerabilities from Loginizer

Type Vendor Product Version
ApplicationLoginizerLoginizer1.0