HIGH✓ PATCH🇬🇧 English

CVE-2023-50837

CVSS 7.6v3.1pub. 2023-12-29upd. 2026-04-28

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
  • Webfactoryltd Wp Login Lockdown

    APP
    Webfactoryltd
    ≤ 2.06
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2024-1340MEDIUM5.4ten sam produkt

The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due ...

CVE-2020-7048CRITICAL9.1ten sam vendor

The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to ...

CVE-2019-19915CRITICAL9.0ten sam vendor

The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or ...

CVE-2021-36908HIGH8.8ten sam vendor

Cross-Site Request Forgery (CSRF) vulnerability in WebFactory Ltd. WP Reset PRO plugin <= 5.98 versions.

CVE-2021-36909HIGH8.8ten sam vendor

Authenticated Database Reset vulnerability in WordPress WP Reset PRO Premium plugin (versions <= 5.98) allows ...