Enviar #52588: Http Header Injection in [Banhammer] wordpress plugin información

TítuloHttp Header Injection in [Banhammer] wordpress plugin
Descripciónhttp header injection vulnerability that could be manipulated HTTP real IP with x-forwarded-for header 1. install Banhammer wordpress plugin https://wordpress.org/plugins/banhammer/ 2. send request for visit page with x-forwarded-for: [REDACTED_IP] 3. navigate to Armory and set x-forwarded-for then spoofed ip address in response POC: https://drive.google.com/file/d/1CnQYR9qgG8uPVaRCUEkE9rUmmq0tU-Ol/view?usp=sharing https://drive.google.com/file/d/12oiuThHeXM5U92XRapjAZqniFs-RARq1/view?usp=sharing
Usuario
 rezaduty (UID 10530)
Sumisión2022-11-18 20:05 (hace 4 años)
Moderación2022-11-20 13:52 (2 days later)
EstadoAceptado
Entrada de VulDB214042 [Banhammer Plugin en WordPress HTTP Header X-Forwarded-For escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!