Support » Plugin: Limit Login Attempts Reloaded » Bad code risk score

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WPChef

    (@wpchefgadget)

    Hi,

    Thank you for this! We have verified the code. Here is a list of problems:

    1. A cookie is set not via https.
    2. No default option in a switch block.
    3. Use of md5(). We do not use it to secure sensitive information though.
    4. A get variable is not secured. It can be set by the admins only though.

    Although the issues are minor, we’ll address them anyway.

    Plugin Author WPChef

    (@wpchefgadget)

    Hi,

    We have uploaded a new version of the plugin with these issues fixed.

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Bad code risk score’ is closed to new replies.