CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35589

The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-35589

Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.10.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.10.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.10.1

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.10.1
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.11.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.11.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.12.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.12.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.12.1

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.12.1
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.12.2

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.12.2
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.12.3

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.12.3
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.13.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.13.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.14.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.14.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.15.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.15.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.15.1

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.15.1
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.15.2

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.15.2
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.17.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.17.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.17.1

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.17.1
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.17.2

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.17.2
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.17.3

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.17.3
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.7.4

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.7.4
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.8.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.8.0
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.8.1

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.8.1
Limitloginattempts » Limit Login Attempts Reloaded » Version: 2.9.0

cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35589

Products

Pricing

Contact Us