Vulnerabilities > Loginizer > Loginizer > 1.4.5

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-2296 Unspecified vulnerability in Loginizer
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
network
low complexity
loginizer
6.1
6.1
2023-05-22 CVE-2022-45079 Cross-Site Request Forgery (CSRF) vulnerability in Loginizer
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
network
low complexity
loginizer CWE-352
8.8
8.8
2023-04-24 CVE-2022-45084 Cross-site Scripting vulnerability in Loginizer
Unauth.
network
low complexity
loginizer CWE-79
6.1
6.1
2020-10-21 CVE-2020-27615 SQL Injection vulnerability in Loginizer
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.
network
low complexity
loginizer CWE-89
7.5
7.5