ThreatPress

WordPress Vulnerability Database

Back

WordPress Limit Login Attempts Reloaded plugin <= 2.17.3 - Login Rate Limiting Bypass vulnerability

Product
Limit Login Attempts Reloaded
Description
Login Rate Limiting Bypass vulnerability found by n4nj0 in WordPress Limit Login Attempts Reloaded plugin (versions <= 2.17.3).
Solution
Update the WordPress Limit Login Attempts Reloaded plugin to the latest available version (at least 2.17.4).
Classification
Type BYPASS
OWASP Top 10 A5: Security Misconfiguration
References
Vulnerability details
Plugin changelog
CVE
Name CVE- 2020-35590
Versions
Affected In <= 2.17.3
Fixed In 2.17.4
Disclosure date
2020-12-21
Credits
n4nj0