Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

[ad_1]

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.

The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites.

The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username. Vulnerable versions of Loginizer did not properly validate and sanitise the username to prevent SQL injection and Cross-Site Scripting (XSS)…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *