The Limit Login Attempts (Spam Protection) WordPress plugin prior to 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
limit login attempts project limit login attempts |