Loginizer WordPress Vulnerability Affects +1 Million Sites

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit.

This kind of exploit, also known as a Blind SQL Injection, relies on entering data into an input in order to trigger an error response. In this case the input is a username.

The Loginizer WordPress plugin didn’t have a way to sanitize the input, which means it didn’t have a way to compensate for an erroneous input. This caused the plugin to create an error situation.

According to the WPScan description of the Loginizer…


More Info

About mblog.my

Check Also

AudioDots Launches a TTS WordPress plugin

Text-to-Speech Solution is now available for WordPress based news publications, easily streaming audio to users …

Leave a Reply

Your email address will not be published. Required fields are marked *