Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High0

Medium3

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2025-03-06

CVE-2023-4800 - Dologin Security Plugin

The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users.

PLUGIN Dologin Security

CVE-2023-4800

MEDIUM CVSS 6.5 2023-10-16

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2026-03-03

CVE-2023-4549 - Dologin Security Plugin

The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by attackers to conduct Stored XSS attacks via WordPress' login form.

PLUGIN Dologin Security

CVE-2023-4549

MEDIUM CVSS 6.1 2023-09-25

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2026-03-03

CVE-2023-4631 - Dologin Security Plugin

The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing.

PLUGIN Dologin Security

CVE-2023-4631

MEDIUM CVSS 5.3 2023-09-25

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2023-4800 - Dologin Security Plugin

CVE-2023-4549 - Dologin Security Plugin

CVE-2023-4631 - Dologin Security Plugin

Company Links

Contact Us