GCVE - cpe:2.3:a:sminozzi:disable_json_api,_login_lockdown,_xmlrpc,_pingback,_stop_user_enumeration_anti_hacker

Approved changes feed: RSS · Atom

cpe:2.3:a:sminozzi:disable_json_api,_login_lockdown,_xmlrpc,_pingback,_stop_user_enumeration_anti_hacker_scan:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Sminozzi (`4a7d4e7d-d5d8-5a88-8f39-2f62168fb260`)
Product	Disable Json Api, Login Lockdown, Xmlrpc, Pingback, Stop User Enumeration Anti Hacker Scan (`9c55039b-a3da-51ba-a274-6cfccdf70678`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-1861`	vulnerable	2026-06-08 06:27:14.739746	Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.52 - Missing Authorization to Authenticated (Subscriber+) Table Truncation MEDIUM (4.3) The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihacker_truncate_scan_table() function in all versions up to, and including, 4.52. This makes it possible for authenticated attackers, with subscriber-level access and above, to truncate the scan table. Published: 2024-02-28T09:33:35.483Z Updated: 2026-04-08T17:17:43.305Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/b80c8888-e8d6-4458-ae93-8e4182060590?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3040447%40antihacker&new=3040447%40antihacker&sfp_email=&sfph_mail=	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-1860`	vulnerable	2026-06-08 06:27:14.737802	Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.51 - Missing Authorization to Unauthenticated IP Address Whitelist MEDIUM (6.5) The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihacker_add_whitelist() function in all versions up to, and including, 4.51. This makes it possible for unauthenticated attackers to add their IP Address to the whitelist circumventing protection Published: 2024-02-28T09:33:34.407Z Updated: 2026-04-08T16:47:39.380Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/3d365284-73ac-4730-a83d-9202677cf161?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3040434%40antihacker&new=3040434%40antihacker&sfp_email=&sfph_mail=	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Disable Json Api, Login Lockdown, Xmlrpc, Pingback, Stop User Enumeration Anti Hacker Scan

PURL mappings

Vulnerability references

Contribute