### -- [ CSRF | WP Login Security and History v1.0 ]


✖ Proof of concept is provided for informational purposes only.

✖ Successful exploitation requires administrator privileges.

✖ Injected payload will trigger an alert message with the text «Injected!».

✖ Tested on WordPress v5.7 + WP Login Security and History plugin v1.0 [2021-03-29]


Target URL*:

* Only domain name needed!

Login Captcha Options:

Login Captcha:

Show Captcha After:

Login Blocker Options:

Login Blocker:

Block Login After (attempts, minimum is 3):

Login Blocker Time (minutes, minimum is 3):

Blocker page Message: