ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Cerber Limit Login Attempts Plugin <= 2.7.2 - Cross-Site Request Forgery (CSRF)

Product
Cerber Limit Login Attempts
Description
In version 2.7.2, WordPress Cerber Limit Login Attempts Plugin, doesn't check for a nonce.
Solution
Update the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Pluginvulnerabilities
Changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.7.2
Fixed In 2.9
Disclosure date
2016-08-29
Credits
pluginvulnerabilities