Every CVE whose affected-product data names Wpdo Dologin Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-4800 — CVSS 6.5 (medium): The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low…
CVE-2023-4549 — CVSS 6.1 (medium): The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can…
CVE-2023-4631 — CVSS 5.3 (medium): The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which…