fbpx

Loginizer Plugin Gets Forced Security Update for Vulnerabilities Affecting 1 Million Users

GET UP TO $500K IN BUSINESS FUNDING

WordPress.org has pushed out a forced security update for the Loginizer plugin, which is active on more than 1 million websites. The plugin offers brute force protection in its free version, along with other security features like two-factor auth, reCAPTCHA, and PasswordLess login in its commercial upgrade.

Last week security researcher Slavco Mihajloski discovered an unauthenticated SQL injection vulnerability, and an XSS vulnerability, that he disclosed to the plugin’s authors. Loginizer version 1.6.4 was released on October 16, 2020, with patches for the two issues, summarized on the plugin’s blog:

1) [Security Fix] : A properly

This post was originally published on this site

BUILD A WEBSITE: RESOURCES

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW