exploitDog

CVE-2022-4550

Опубликовано: 27 фев. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing

Ссылки

https://wpscan.com/vulnerability/a1179959-2044-479f-a5ca-3c9ffc46d00e
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/a1179959-2044-479f-a5ca-3c9ffc46d00e
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:user_activity_project:user_activity:*:*:*:*:*:wordpress:*:*

Версия до 1.0.1 (включая)

EPSS

Процентиль: 34%

0.00136

Низкий

7.5 High

CVSS3

Дефекты

CWE-290

Связанные уязвимости

GHSA-62gq-fgj3-92v6

CVSS3: 7.5

github

почти 3 года назад

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing

EPSS

Процентиль: 34%

0.00136

Низкий

7.5 High

CVSS3

Дефекты

CWE-290