cleantalk
Vulnerabilities and Security Researches

Solid Security – Password, Two Factor Authentication, and Brute Force Protection, CVE-2018-12636

CVE, Research URL

CVE-2018-12636

Home page URL

Security reports for Solid Security – Password, Two Factor Authentication, and Brute Force Protection

Application

Solid Security – Password, Two Factor Authentication, and Brute Force Protection

Published on
Jun 22, 2018
Research Description
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.
Affected versions
Min -, max 7.0.3.
Status
vulnerable
Previous vulnerability researches
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-12636) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4264) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2020-36176) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4263) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-7433) , Jun 07, 2024
New vulnerability
Media Folder (CVE-2025-52786) , Jul 12, 2025
SMu Manual DoFollow (CVE-2025-49031) , Jul 12, 2025
Premium SEO Pack – WP SEO Plugin (CVE-2025-31044) , Jul 12, 2025
PW WooCommerce On Sale! (CVE-2025-49888) , Jul 12, 2025
Melapress File Monitor (CVE-2025-3702) , Jul 09, 2025