CVE-2022-4533 in Limit Login Attempts Plus Plugin정보

요약

\~에 의해 MITRE • 2024. 09. 19.

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2022. 12. 16.

공개

2024. 09. 19.

모더레이션

수락

항목

VDB-278097

CPE

준비됨

CWE

CWE-693 (확인됨)

CVSS

5.3 (CNA)

EPSS

0.00058

KEV

아니요

활동

매우 낮음

부문

Hostingprovider

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-4533
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-4533
CVE Details	https://www.cvedetails.com/cve/CVE-2022-4533/

◂ 이전 개요 다음 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!