CVE-2015-9335

The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.