The simple-login-log plugin prior to 1.1.2 for WordPress has SQL injection.
simplerealtytheme simple login log