Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/06 6:53 a.m.8 views

CVE-2024-13685

The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...

5.3CVSS7AI score0.00338EPSS
Exploits1References1
Circl
Circl
added 2025/03/04 6:30 a.m.6 views

CVE-2024-13685

creationtimestamp| type| source ---|---|--- 2025-03-04 06:30:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6345 2025-03-04 08:18:30+00:00| seen| https://t.me/cvedetector/19469...

5.3CVSS8.7AI score0.00338EPSS
Exploits1References2
NVD
NVD
added 2025/03/04 6:15 a.m.9 views

CVE-2024-13685

The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...

5.3CVSS0.00338EPSS
Exploits1References1
CVE
CVE
added 2025/03/04 6:0 a.m.47 views

CVE-2024-13685

CVE-2024-13685 affects the Admin and Site Enhancements (ASE) WordPress plugin prior to 7.6.10. The vulnerability arises because ASE retrieves client IP addresses from potentially untrusted headers, enabling an attacker to spoof the IP value and bypass the plugin’s login-limit protection. The issu...

5.3CVSS6.8AI score0.00338EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/03/04 6:0 a.m.13 views

CVE-2024-13685 Admin and Site Enhancements (ASE) < 7.6.10 - Limit Login Attempt Bypass via IP Spoofing

The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...

0.00338EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/04 6:0 a.m.5 views

CVE-2024-13685 Admin and Site Enhancements (ASE) < 7.6.10 - Limit Login Attempt Bypass via IP Spoofing

The Admin and Site Enhancements ASE WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the login limit feature in the Admin and Site Enhancements ASE WordPress plugin before 7.6.10...

6.5AI score0.00338EPSS
Exploits1References1
Rows per page
Query Builder