12 matches found
EUVD-2023-52786
Malicious code in bioql PyPI...
EUVD-2022-24902
Malicious code in bioql PyPI...
CVE-2023-48753 WordPress Restricted Site Access plugin <= 7.4.1 - IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1...
CVE-2023-48753 WordPress Restricted Site Access plugin <= 7.4.1 - IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1...
Restricted Site Access <= 7.4.1 - IP Spoofing to Protection Mechanism Bypass
Description The Restricted Site Access plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 6.3.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for user IP Addresses. This makes it possible for attackers to...
WordPress Restricted Site Access Plugin <= 7.4.1 is vulnerable to Bypass Vulnerability
Software Restricted Site Access Type Plugin Vulnerable versions = 7.4.1 Fixed in 7.5.0 OWASP Top 10 A5: Security Misconfiguration Classification Bypass Vulnerability CVE CVE-2023-48753 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4346ee127b88 Credits Mika Required...
CVE-2022-1613
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations...
CVE-2022-1613 Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations...
CVE-2022-1613
The CVE-2022-1613 issue affects the Restricted Site Access WordPress plugin (versions before 7.3.2). The root cause is the plugin prioritizing certain HTTP headers over PHP’s REMOTE_ADDR when obtaining a visitor IP, enabling bypass of IP-based restrictions in some scenarios. The vulnerability is ...
WordPress plugin Restricted Site Access 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
PT-2022-14007 · WordPress · Restricted Site Access
Name of the Vulnerable Software and Affected Versions: Restricted Site Access WordPress plugin versions prior to 7.3.2 Description: The issue allows bypassing IP-based limitations in certain situations due to the plugin prioritizing a visitor's IP from certain HTTP headers over PHP's REMOTE ADDR...
Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing
The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations. PoC Set HTTPCFCONNECTINGIP or any of the other headers in getclientipaddress to spoof the IP address...