6 matches found
CVE-2024-13685
The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...
CVE-2024-13685
creationtimestamp| type| source ---|---|--- 2025-03-04 06:30:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6345 2025-03-04 08:18:30+00:00| seen| https://t.me/cvedetector/19469...
CVE-2024-13685
The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...
CVE-2024-13685
CVE-2024-13685 affects the Admin and Site Enhancements (ASE) WordPress plugin prior to 7.6.10. The vulnerability arises because ASE retrieves client IP addresses from potentially untrusted headers, enabling an attacker to spoof the IP value and bypass the plugin’s login-limit protection. The issu...
CVE-2024-13685 Admin and Site Enhancements (ASE) < 7.6.10 - Limit Login Attempt Bypass via IP Spoofing
The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...
CVE-2024-13685 Admin and Site Enhancements (ASE) < 7.6.10 - Limit Login Attempt Bypass via IP Spoofing
The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...