Vulnerabilities and security researches forip-based-login ip-based-login
Direction: descendingApr 26, 2026
IP Based Login # CVE-2025-58960
- CVE, Research URL
- Home page URL
- Application
- Date
- Sep 23, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login ip-based-login allows Stored XSS.This issue affects IP Based Login: from n/a through <= 2.4.3.
- Affected versions
-
max 2.4.4.
- Status
-
vulnerable
Jul 02, 2025
IP Based Login # CVE-2025-50016
- CVE, Research URL
- Home page URL
- Application
- Date
- Jun 20, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brijeshk89 IP Based Login allows Stored XSS. This issue affects IP Based Login: from n/a through 2.4.2.
- Affected versions
-
max 2.4.2.
- Status
-
vulnerable
Mar 15, 2025
IP Based Login # CVE-2024-13118
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 25, 2025
- Research Description
- The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack
- Affected versions
-
max 2.4.1.
- Status
-
vulnerable
IP Based Login # CVE-2024-12800
- CVE, Research URL
- Home page URL
- Application
- Date
- May 16, 2025
- Research Description
- The IP Based Login WordPress plugin before 2.4.1 does not sanitise values when importing, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
- Affected versions
-
max 2.4.1.
- Status
-
vulnerable