Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan 4.51

  • Severity: medium-risk
  • Status: Open
  • Publication: February 27, 2024

mechanisms and gaining access to sensitive information. The plugin called “Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan” for the website platform WordPress has a security flaw that allows unauthorized changes to be made to the data. This is because the function used to add IP addresses to a whitelist does not have a check to make sure the person adding it has the proper permission. This means that hackers can add their own IP address to the whitelist and bypass security measures, potentially accessing confidential information.

Detected in:

Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan open vulnerable versions: >= * <= 4.51

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.