Описание
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.3.1 (исключая)
cpe:2.3:a:cm-wp:titan_anti-spam_\&_security:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
EPSS
Процентиль: 47%
0.00238
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-639