2
0
2
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Dologin security
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2023-4631 | 5.3 | This vulnerability allows an attacker to spoof their IP address when using the DoLogin Security plugin for WordPress, potentially bypassing security measures that rely on IP address verification. It occurs because the plugin improperly trusts certain headers, which can be manipulated if the attacker has access to the network or can send requests through a proxy. | wpdodologin security | Exploit Available | over 2 years agoSep 25, 2023 |
| CVE-2023-4549 | 6.1 | This vulnerability allows attackers to inject malicious scripts into the WordPress login form, potentially leading to stored cross-site scripting (XSS) attacks, which can compromise user accounts. It occurs because the DoLogin Security plugin fails to properly clean up IP addresses from the X-Forwarded-For header, and it affects versions before 3.7. | wpdodologin security | Exploit Available | over 2 years agoSep 25, 2023 |
About Wpdo Dologin security Security
This page provides comprehensive security vulnerability tracking for Wpdo Dologin security. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Dologin security updated to the latest version
- • Subscribe to security advisories from Wpdo
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately