Welcome Guest. Please Login or Register  


You are here: Index > Softaculous Inc. > News and Announcements > Topic : Loginizer 1.6.4 Security Fix



Threaded Mode | Print  

 Loginizer 1.6.4 Security Fix (0 Replies, Read 49272 times)
Brijesh
Group: Softaculous Team
Post Group: Super Member
Posts: 4792
Status:
Hi,

We released Loginizer 1.6.4 on 16th October 2020 which includes two security issues fixed.

Please check if you are running running 1.6.4, if not we recommend you to upgrade to 1.6.4 immediately.

We did not disclose the details about security fix earlier so the users get time to upgrade the plugin in their WordPress installations.

WordPress team helped auto upgrading Loginizer plugin to 1.6.4 for a large percentage of users even for users who did not enable auto upgrade because this was a security fix. We also pushed the security upgrade via Softaculous so the WordPress installations done by Softaculous and having Loginizer were upgraded automatically. These two options helped upgrade a large portion of installations.

Following is the list of security issues fixed in Loginizer 1.6.4:

1) [Security Fix] : A properly crafted username used to login could lead to SQL injection. This has been fixed by using the prepare function in PHP which prepares the SQL query for safe execution.

2) [Security Fix] : If the IP HTTP header was modified to have a null byte it could lead to stored XSS. This has been fixed by properly sanitizing the IP HTTP header before using the same.

We would like to Thank Slavco from WPdeeply.com and WordPress.org Plugins team for helping us in this matter.

For any questions related to this version or upgrading difficulty feel free to contact us at support@loginizer.com

Regards,
The Loginizer Team

-----------------------
Loginizer - WordPress Security Plugin
Follow us on Twitter
IP: --   

« Previous    Next »

Threaded Mode | Print  



Jump To :


Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is December 4, 2020, 8:02 pm.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 11  |  Page Created In:0.677