all InfoSec news
Update Now! Severe Vulnerability Impacting 600,000 Sites Patched in Limit Login Attempts
Malware Analysis, News and Indicators - Latest topics malware.news
On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed login attempts.
The plugin is vulnerable in versions up to, and including, 1.7.1. A patch addressing this vulnerability was released on April 4, 2023 as version 1.7.2. We recommend all site owners update to version 1.7.2 …
addresses april block care cross-site ip addresses january login login attempts patch plugin premium scripting team update update now version version 1 vulnerability vulnerable wordfence wordpress wordpress plugin