Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins 2.32

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 12, 2025

The plugin called “WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins” is not safe to use. It has a security issue called SQL Injection, which means that hackers can access sensitive information from the database by adding their own commands to the plugin. This can happen to all versions of the plugin up to version 2.32, and can only be done by someone with Administrator-level access or higher.

Detected in:

ReportAttacks — Brute Force & Login Protection fixed vulnerable versions:
WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins fixed vulnerable versions: >= * <= 2.32

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.