CVE-2024-13118

The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack > MITRE Terms of Use apply – see LICENSE‑MITRE.txt