cleantalk
Vulnerabilities and Security Researches

DoLogin Security, ec9ed021b819b9fec28c1dd4736944e0b26ef789

CVE, Research URL

ec9ed021b819b9fec28c1dd4736944e0b26ef789

Home page URL

Security reports for DoLogin Security

Application

DoLogin Security

Published on
Sep 14, 2023
Research Description
DoLogin Security [dologin] < 3.7.1 DoLogin Security <= 3.7 - Missing Authorization on Dashboard Widget The DoLogin Security plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dashboard widget in versions up to, and including, 3.7. This makes it possible for authenticated attackers to view the login attempts log.
Affected versions
max 3.7.1.
Status
vulnerable
Previous vulnerability researches
DoLogin Security (CVE-2023-4800) , Jun 06, 2024
DoLogin Security (0ce96febe7b9755fbb1e0e6afd5664058b92248c) , Jun 06, 2024
DoLogin Security (CVE-2023-4549) , Jun 06, 2024
DoLogin Security (CVE-2023-4631) , Jun 06, 2024
DoLogin Security (ec9ed021b819b9fec28c1dd4736944e0b26ef789) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026