Vulnerabilities > Ithemes > Security > 6.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-22 | CVE-2018-12636 | SQL Injection vulnerability in Ithemes Security The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. | 7.2 |
| 2018-03-02 | CVE-2018-7433 | Information Exposure Through Log Files vulnerability in Ithemes Security The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page. | 5.0 |