cleantalk
Vulnerabilities and Security Researches

Limit Login Attempts (Spam Protection), CVE-2022-0787

CVE, Research URL

CVE-2022-0787

Home page URL

Security reports for Limit Login Attempts (Spam Protection)

Application

Limit Login Attempts (Spam Protection)

Published on
Mar 28, 2022
Research Description
The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections
Affected versions
max 3.1.
Status
vulnerable
Previous vulnerability researches
Limit Login Attempts (Spam Protection) (CVE-2022-4534) , Oct 09, 2024
Limit Login Attempts (Spam Protection) (CVE-2022-0787) , Jun 07, 2024
Limit Login Attempts (Spam Protection) (CVE-2021-24191) , Jun 07, 2024
Limit Login Attempts (Spam Protection) (CVE-2021-24193) , Jun 07, 2024
Limit Login Attempts (Spam Protection) (CVE-2024-54234) , Dec 15, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026