The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress has a security vulnerability that allows attackers to spoof their IP address. This means they can trick the plugin into thinking they are coming from a different IP address, which can bypass any restrictions set up to block that IP address from logging in. The vulnerability affects versions up to 2.1 of the plugin.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
