Serious Vulnerabilities Found In Limit Login Attempts Reloaded WordPress Plugin


Limit Login Attempts Reloaded Plugin Vulnerabilities Security researcher Veno Eivazian has shared insights about some vulnerabilities in a popular WordPress plugin in his blog post. Limit Login Attempts Reloaded plugin is popular resource for many WordPress websites as it protects them against brute-force attacks by limiting login attempts. At present, the plugin boasts over 1 million active installations. Regarding the bugs, one of these included a critical severity vulnerability, CVE-2020-35590, that received a score of 9.8. It existed as the plugin failed to appropriately restrict the number of login attempts by any user. As described in the post,

Read more…