CVE ID: CVE-2023-4800
Vulnerability Type: Sensitive Data Exposure
Description: The DoLogin Security plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dashboard widget in versions up to, and including, 3.7. This makes it possible for authenticated attackers to view the login attempts log.
Steps to reproduce: Enable the plugin and navigate to dashboard as authorized user.
Reference: