Vulnerabilities > Loginizer > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-27615 | SQL Injection vulnerability in Loginizer The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip. | 9.8 |
| 2017-08-07 | CVE-2017-12650 | SQL Injection vulnerability in Loginizer SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | 9.8 |