cleantalk
Vulnerabilities and Security Researches

IP Based Login, CVE-2024-13118

CVE, Research URL

CVE-2024-13118

Home page URL

Security reports for IP Based Login

Application

IP Based Login

Published on
Mar 25, 2025
Research Description
The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack
Affected versions
max 2.4.1.
Status
vulnerable
Previous vulnerability researches
IP Based Login (CVE-2025-58960) , Apr 26, 2026
IP Based Login (CVE-2025-50016) , Jul 02, 2025
IP Based Login (CVE-2024-13118) , Mar 15, 2025
IP Based Login (CVE-2024-12800) , Mar 15, 2025
New vulnerability
MaxiBlocks Free Page Builder & Template Library (CVE-2026-2028) , Apr 26, 2026
WordPress Books Gallery (CVE-2026-5347) , Apr 26, 2026
LMS by Masteriyo – WordPress Learning Management System, eLearning Platform, Online Education System & Online Course (CVE-2026-39524) , Apr 26, 2026
Newsletter – Send awesome emails from WordPress (CVE-2025-3582) , Apr 26, 2026
Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Car (CVE-2024-4002) , Apr 26, 2026