Limit Login Attempts (Spam Protection)

Vulnerabilities 14Slug wp-limit-failed-login-attemptsLatest version 5.6WordPress.org →

Minimum safe version

5.6

Update to 5.6 or later to address 14 fixable vulnerabilities

Latest available5.6 ✓

Critical 9.3

2024-12-13< 5.6

CVE-2024-54234

CVE Patchstack Wordfence

Medium 5.3

2024-10-08< 5.4

CVE-2022-4534

CVE Patchstack Wordfence

N/A

2021-04-22< 3.1

Limit Login Attempts (Spam Protection) <= 2.9 - Cross-Site Request Forgery to Arbitrary Plugin Installation/Activation

Wordfence

N/A

< 3.1

Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via CSRF

WPScan

N/A

2021-04-22< 2.9

WordPress Login Protection – Limit Failed Login Attempts plugin <= 2.8 - Arbitrary Plugin Installation and Activation vulnerability

Patchstack

Critical 9.8

2022-03-28< 5.1

CVE-2022-0787

CVE Patchstack Wordfence WPScan

High 8.8

2021-05-14< 2.9

CVE-2021-24190

CVE

High 8.8

2021-05-14< 2.9

CVE-2021-24189

CVE

High 8.8

2021-05-14< 2.9

CVE-2021-24188

CVE

High 8.8

2021-05-14< 2.9

CVE-2021-24194

CVE Wordfence

High 8.8

2021-05-14< 2.9

CVE-2021-24195

CVE WPScan

High 8.8

2021-05-14< 2.9

CVE-2021-24192

CVE

High 8.8

2021-05-14< 2.9

CVE-2021-24193

CVE

High 8.8

2021-05-14< 2.9

CVE-2021-24191

CVE