CVE-2017-12651
N/A
N/A
Summary
Cross Site Request Forgery (CSRF) exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://blog.wpscans.com/sql-injection-and-csrf-security-vulnerability-in-loginizer/
- https://sv.wordpress.org/plugins/loginizer/#developers
- https://wpvulndb.com/vulnerabilities/8884
References
- https://blog.wpscans.com/sql-injection-and-csrf-security-vulnerability-in-loginizer/
- https://sv.wordpress.org/plugins/loginizer/#developers
- https://wpvulndb.com/vulnerabilities/8884
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.