• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Technologous - Managed IT Solutions Bryan/College Station

  • Home
  • About
    • Areas We Serve
    • Our Leadership
      • Chris Dawson
      • Ian Soares
  • IT Services
    • Managed IT
    • Support IT
    • Cloud IT
  • Blog
  • Request a Consultation
  • Contact
You are here: Home / Blog / WordPress Loginizer Plugin Vulnerability

WordPress Loginizer Plugin Vulnerability

WordPress Loginizer Plugin has Automatically Updated Due To Vulnerability

WordPress Loginizer Plugin Vulnerability! The Loginizer Plugin has Automatically Updated Due To Vulnerability. WordPress tends to take a light-handed approach to manage the legions of plugins compatible with the most popular blogging platform on the planet. This time, however, they’re taking a different approach. They’re forcing a security update to counter a dangerous bug in a wildly popular plugin that more than a million websites around the world use.

The plugin in question is Loginizer. The design is to help websites fight back against brute force attacks by blocking the login function for a given IP address once a certain reaches threshold of login retries.

It’s an essential plugin, honestly, but researchers discovered a fatal flaw in it in the form of an SQL injection issue. The issue could have allowed a hacker to take complete control over the site running the older version of the plugin. Thus, WordPress’s decisive action forces an update on everyone who uses it.

Justification of “Heavy-handed Measures”

While we usually don’t approve of such heavy-handed measures, we feel justified in this particular instance. Had the company not taken the action it did, users would have been slow to update the plugin, and many may not have updated at all or even been aware there was an issue. This way, everyone is protected, and it happened quickly, in an organized manner.
There could have been another implementation in an ideal world, but then, in a perfect world, hackers wouldn’t abuse security flaws and loopholes in the first place. Here, WordPress made the best of several bad decisions and took swift, decisive action designed to keep their massive user base safe and protect their brand image. While it’s less than ideal, we applaud the company for its efforts.

If you use the plugin in question, be aware that you’re getting an update whether you want one or not. In this case, that’s probably not a bad thing.

October 30, 2020 Filed Under: Blog Tagged With: WordPress, WordPress Loginizer Plugin

Primary Sidebar

GET OUR BLOG IN YOUR EMAIL!

Archives

  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • August 2018

Tags

adobe android App Apple attack Attacks Breach Browser Chrome Compromised Credit Card Dark Web Data Database Data Breach Email Facebook gmail Google government hacker Hackers information Internet iOS iPhone malware Microsoft Microsoft Windows 10 office 365 Password Passwords patch Phishing ransomeware Ransomware Scam security Social Media Update Vulnerability Vulnerable Wifi Windows Windows 10

Footer

Contact Us

Address: 3091 University Drive, Unit 210, Bryan, Texas 77802
Phone: 979-217-1226

Our Blog

  • Resolution for Windows 10 Drawing Apps November 24, 2020
  • Older Android Phones May Have Site Loading Issues In 2021 November 23, 2020
  • Apple’s Update for Zero-Day November 20, 2020
  • Luxottica Patient Information Breached November 20, 2020
  • Verizon Ends Yahoo Email Forwarding November 19, 2020

Search

Follow Us

  • Facebook
  • Home
  • About
  • Resources
  • Contact
  • Our Leadership
  • Why Choose Us?
  • IT Services
  • Request a Consultation

Copyright © 2021| All Rights Reserved | Powered By Technologous, LLC | Log in