WordPress Plugin Vulnerabilities

WP Limit Login Attempts <= 2.0.0 - Unauthenticated SQL Injection

Description

The WP Limit Login Attempts WordPress plugin was affected by an Unauthenticated SQL Injection security vulnerability.

Affects Plugins

Plugin icon
wp-limit-login-attempts
Fixed in 2.0.1

References

CVE
CVE-2015-6829
URL
https://seclists.org/oss-sec/2015/q3/500

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3b350793-ba66-4ad2-af3e-82b2a8f654ee

Timeline

Publicly Published
2015-09-05 (about 10 years ago)
Added
2015-09-09 (about 10 years ago)
Last Updated
2019-10-27 (about 6 years ago)

Other

Published
Title
Published
2025-06-05
Title
Persian Woocommerce SMS < 7.1.0 - Authenticated (Shop manager+) SQL Injection
Published
2014-08-01
Title
Event Registration 5.32 - SQL Injection
Published
2023-11-13
Title
WP Fastest Cache < 1.2.2 - Unauthenticated SQL Injection
Published
2017-01-28
Title
FormBuilder <= 1.0.7 - Multiple Authenticated SQL Injection
Published
2022-12-05
Title
Contest Gallery < 19.1.5 - Author+ SQL Injection