CVE-2025-3766 | Login Lockdown & Protection Plugin up to 2.11 on WordPress ajax_run_tool authorization

Inserito da Angelo Barbosa | Mag 6, 2025 | CVE

A vulnerability, which was classified as critical, was found in Login Lockdown & Protection Plugin up to 2.11 on WordPress. Affected is the function ajax_run_tool. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-3766. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3766 | Login Lockdown & Protection Plugin up to 2.11 on WordPress ajax_run_tool authorization

Post correlati

CVE-2024-27954 | WP Automatic Automatic Plugin up to 3.92.0 on WordPress path traversal

CVE-2024-3772 | Pydantic up to 1.10.12/2.3.x Email redos

VDB-256317 | Backdoor.Win32.Agent.amt FTP Server missing authentication

CVE-2024-8646 | Eclipse Glassfish up to 7.0.9 redirect