Loginizer WordPress Vulnerability Affects +1 Million Sites

WordPress Loginizer Plugin has issued a security patch for a vulnerability that could allow a hacker to modify a database through an Unauthenticated SQL Injection exploit.

This kind of exploit, also known as a Blind SQL Injection, relies on entering data into an input in order to trigger an error response. In this case the input is a username.

The Loginizer WordPress plugin didn’t have a way to sanitize the input, which means it didn’t have a way to compensate for an erroneous input. This caused the plugin to create an error situation.

According to the WPScan description of the Loginizer…


More Info

About mblog.my

Check Also

WordPress Considers Dropping Support for IE 11

High Maintenance for Developers Downsides of Dropping Support WordPress is Seeking Feedback Citation WordPress announced …

Leave a Reply

Your email address will not be published. Required fields are marked *