← Back

Siteground Security

siteground_security

Vendor: Siteground • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-0234
1Siteground
1Siteground Security
Mar 25, 2025
Feb 6, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
The SiteGround Security WordPress plugin before 1.3.1 does not properly sanitize user input before using it in an SQL query, leading to an authenticated SQL injection issue.
CVE-2022-0993
1Siteground
1Siteground Security
Apr 8, 2026
Apr 19, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code impleme...Show more
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and including, 1.2.5.Show less