← Back

Wp Login Lockdown

wp_login_lockdown

Vendor: Webfactoryltd • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-1340
1Webfactoryltd
1Wp Login Lockdown
Apr 8, 2026
Feb 29, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08....Show more
The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and higher, to export this plugin's settings that include whitelisted IP addresses as well as a global unlock key. With the global unlock key an attacker can add their IP address to the whitelist.Show less
CVE-2023-50837
1Webfactoryltd
1Wp Login Lockdown
Apr 28, 2026
Dec 29, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a th...Show more
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06.Show less