https://plugins.trac.wordpress.org/changeset/2401010/loginizer

https://wpdeeply.com/loginizer-before-1-6-4-sqli-injection/

https://wpscan.com/vulnerability/10441

https://www.zdnet.com/article/wordpress-deploys-forced-security-update-for-dangerous-bug-in-popular-plugin/

The Loginizer Plugin for WordPress running on the remote web server is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this issue to inject or manipulate SQL queries in the back-end database, resulting in the manipulation of arbitrary data.

CVE-2020-27615

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins