Slavco Mihajloski

**Name of the Vulnerable Software and Affected Versions** Loginizer plugin versions prior to 1.6.4 **Description** The issue allows SQL injection, which can also lead to XSS, and is related to `loginizer login failed` and `lz valid ip`. **Recommendations** For versions prior to 1.6.4, update to version 1.6.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `loginizer login failed` and `lz valid ip` functions until a patch is available.