Back to search
CVE-2023-6272
Published: Dec 18, 2023
Modified: Aug 2, 2024
PUBLISHED
Description
The Theme My Login 2FA WordPress plugin before 1.2 does not rate limit 2FA validation attempts, which may allow an attacker to brute-force all possibilities, which shouldn't be too long, as the 2FA codes are 6 digits.
| Vendor | Product | Versions |
|---|---|---|
Unknown | tml-2fa | affected 0 - < 1.2 |
References
https://wpscan.com/vulnerability/a03243ea-fee7-46e4-8037-a228afc5297a
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now