### -- [ CSRF | WP Login Security and History v1.0 ]

Info:

✖ Proof of concept is provided for informational purposes only.

✖ Successful exploitation requires administrator privileges.

✖ Injected payload will trigger an alert message with the text «Injected!».

✖ Tested on WordPress v5.7 + WP Login Security and History plugin v1.0 [2021-03-29]


Settings:

Target URL*:

* Only domain name needed!



Login Captcha Options:

Login Captcha:


Show Captcha After:



Login Blocker Options:

Login Blocker:


Block Login After (attempts, minimum is 3):


Login Blocker Time (minutes, minimum is 3):


Blocker page Message: