Vulnerability in Loginizer WordPress Plugin Affects Over 1 Million Sites

Vulnerability in Loginizer WordPress Plugin Affects Over 1 Million Sites

Author: ZoneWP

Date: October 26, 2020 

Category: Plugin development, SEO, Security, Tips and tricks, Tutorials, Webhosting

WordPress Loginizer Plugin issued a security patch for a vulnerability that could allow a hacker to modify a database through an exploit called Unauthenticated SQL Injection.

In order to trigger an error response, this sort of exploit, also known as a Blind SQL Injection, relies on entering data into an input. The input is a username in this case.

There was no way for the Loginizer WordPress plugin to sanitise the input, which means that it did not have a way to compensate for the erroneous input. This caused the plugin to create a situation with an error.

According to


World of WordPress is hosted by:

Servebolt: next level high performance hosting.

While others try to add more components to their hosting to make it go faster, we decided to build our hosting cloud fast from the ground up. We did so by stripping out everything we knew was deadweight.