Design/Logic Flaw

2022-06-2011:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

33.9%

JSON

The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions.

CPENameOperatorVersion
wp-emaillt2.69.0

CPE	Name	Operator	Version
	wp-email	lt	2.69.0

References

wpscan.com/vulnerability/a5940d0b-6b88-4418-87e2-02c0897bc2f1

0.001 Low

EPSS

Percentile

33.9%

JSON

Related for PRION:CVE-2022-1614