CVE-2020-35539 in WordPressinfo

Summary

by MITRE • 10/17/2022

A flaw was found in Wordpress 5.1. "X-Forwarded-For" is a HTTP header used to carry the client's original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X-Forwarded-For header instead of original IP, various issues may be faced. If the data originating from these fields is trusted by the application developers and processed, any authorization checks originating IP address logging could be manipulated.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

12/17/2020

Disclosure

10/17/2022

Moderation

revoked

Entry

VDB-211091

CPE

ready

CWE

CWE-284 (confirmed)

CVSS

9.8 (NVD)

EPSS

0.00000

KEV

Activities

very low

Sector

Hostingprovider, Agriculture, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-35539
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-35539
CVE Details	https://www.cvedetails.com/cve/CVE-2020-35539/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!