WordPress Limit Login Attempts 1.7.1 Cross Site Scripting

On January 26, 2023, the Wordfence team responsibly disclosed an unauthenticated stored Cross-Site Scripting vulnerability in Limit Login Attempts, a WordPress plugin installed on over 600,000 sites that provides site owners with the ability to block IP addresses that have made repeated failed login attempts.The plugin is vulnerable in versions up to, and including, 1.7.1.

Related Keywords

Marco Wotschka , Wordpress , Wordpress Plugin Security Team , Cross Site Scripting , Limit Login Attempts , Wordfence Premium , Wordfence Care , Wordfence Response , Unauthenticated Stored Cross Site Scripting , Limit Login , Patched Version , Site Scripting Vulnerabilities , Wordfence Intelligence ,