Описание
The iQ Block Country WordPress plugin before 1.2.20 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.13 (включая)
cpe:2.3:a:webence:iq_block_country:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 48%
0.00245
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
EPSS
Процентиль: 48%
0.00245
Низкий
7.5 High
CVSS3
5 Medium
CVSS2