CVE-2020-27615

CRITICAL · EXPLOITED IN THE WILD · NUCLEI

WordPress Loginizer Plugin < 1.6.4 - SQL Injection/XSS


Exploitation Summary

CVE-2020-27615 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 2 public exploits from researchers including Sechunt3r, h00die, red0xff, mslavco, including a Metasploit module auxiliary/scanner/http/wp_loginizer_log_sqli. A Nuclei detection template is also available.

AI-analyzed exploit summary

The repository contains a functional exploit for CVE-2020-27615, demonstrating unauthenticated time-based blind SQL injection in the WordPress Loginizer plugin <= 1.6.3. The exploit includes both a Nuclei template (YAML) and a Python script that automates the detection and exploitation of the vulnerability.

Description

The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.

Exploits (2)

github · WORKING POC
by Sechunt3r · python · poc
https://github.com/Sechunt3r/CVE-POCs/tree/main/CVE-2020-27615

The repository contains a functional exploit for CVE-2020-27615, demonstrating unauthenticated time-based blind SQL injection in the WordPress Loginizer plugin <= 1.6.3. The exploit includes both a Nuclei template (YAML) and a Python script that automates the detection and exploitation of the vulnerability.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: WordPress Loginizer plugin <= 1.6.3
No auth needed
Prerequisites: WordPress site with vulnerable Loginizer plugin installed
devstral-2 · analyzed Feb 27, 2026
metasploit · WORKING POC
by h00die, red0xff, mslavco · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wp_loginizer_log_sqli.rb

This Metasploit module exploits an unauthenticated time-based SQL injection vulnerability in the WordPress Loginizer plugin (versions before 1.6.4). It enumerates user credentials by injecting malicious SQL payloads into the 'log' parameter during login attempts.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: WordPress Loginizer plugin < 1.6.4
No auth needed
Prerequisites: WordPress installation with vulnerable Loginizer plugin · Network access to the target
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter
CRITICAL · VERIFIED · by intelligent-ears

References (4)

Core References

Third Party Advisory: https://wpscan.com/vulnerability/10441
Exploit, Third Party Advisory: https://wpdeeply.com/loginizer-before-1-6-4-sqli-injection/
Patch, Third Party Advisory: https://plugins.trac.wordpress.org/changeset/2401010/loginizer

Scores

CVSS v3 9.8
EPSS 0.5362
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2021-04-12
InTheWild.io 2021-04-12
CWE
CWE-89
Status published
Products (1)
loginizer/loginizer < 1.6.4
Published Oct 21, 2020
Tracked Since Feb 18, 2026