2 matches found
WordPress coreActivity plugin < 2.1 - Unauthenticated IP Spoofing vulnerability
Unauthenticated IP Spoofing vulnerability discovered by Erwan LR WPScan in WordPress Plugin coreActivity: Activity Logging plugin for WordPress versions 2.1...
Royal Elementor Addons < 1.3.95 - Unauthenticated IP Spoofing
Description The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to IP Address Spoofing due to insufficient IP address validation. This makes it possible for unauthenticated attackers to spoof their IP addresses. Set any of the following server headers as used in getclienti...