CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/23 1:3 a.m.•3 views

CVE-2022-4100

The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the...

5.3CVSS6.7AI score0.0008EPSS

RedhatCVE•added 2025/05/23 1:2 a.m.•4 views

CVE-2022-2939

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the /cerber-load.php file. In...

5.3CVSS6.7AI score0.00413EPSS

RedhatCVE•added 2025/05/23 12:33 a.m.•6 views

CVE-2022-4417

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users...

5.3CVSS6.7AI score0.0044EPSS

Patchstack•added 2024/09/02 3:47 a.m.•3 views

WordPress WP Cerber Security plugin <= 9.4 - IP Protection Bypass vulnerability

IP Protection Bypass vulnerability discovered by chihyu in WordPress Plugin WP Cerber Security versions = 9.4...

5.3CVSS7AI score0.0008EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/09/02 12:0 a.m.•12 views

WordPress WP Cerber Security Plugin <= 9.4 is vulnerable to Bypass Vulnerability

Software WP Cerber Security Type Plugin Vulnerable versions = 9.4 Fixed in 9.5 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2022-4100 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e81948cda6a5 Credits chihyu Required privilege...

5.3CVSS6.6AI score0.0008EPSS

NVD•added 2024/08/31 9:15 a.m.•10 views

CVE-2022-4100

5.3CVSS0.0008EPSS

Exploits0References2

Vulnrichment•added 2024/08/31 8:35 a.m.•8 views

CVE-2022-4100 WP Cerber Security <= 9.4 - IP Protection Bypass

5.3CVSS6.7AI score0.0008EPSS

Exploits0References2

CVE•added 2024/08/31 8:35 a.m.•48 views

CVE-2022-4100

CVE-2022-4100 affects the WP Cerber Security, Anti-spam & Malware Scan WordPress plugin. It allows an IP Protection bypass in all versions up to and including 9.4 by relying on the visitor IP check, enabling an attacker whose IP is blocked to bypass the block by sending X-Forwarded-For: . The con...

5.3CVSS5.5AI score0.0008EPSS

CNNVD•added 2024/08/31 12:0 a.m.•2 views

WordPress plugin WP Cerber Security 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS6.6AI score0.0008EPSS

Exploits0References4

OpenVAS•added 2023/10/30 12:0 a.m.•12 views

WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin < 9.1 Authorization Bypass Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cerber:wpcerbersecurity%2canti-spam%26malwarescan";...

5.3CVSS5.4AI score0.00413EPSS

OpenVAS•added 2023/10/30 12:0 a.m.•13 views

WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin < 9.2 XSS Vulnerability

7.2CVSS7AI score0.01805EPSS

OpenVAS•added 2023/10/30 12:0 a.m.•12 views

WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin < 9.3.3 Authorization Bypass Vulnerability

5.3CVSS5.4AI score0.0044EPSS

ATTACKERKB•added 2023/10/20 7:15 a.m.•4 views

CVE-2022-4712

The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute wheneve...

7.2CVSS6.8AI score0.01805EPSS

Exploits0References3

Prion•added 2023/10/20 7:15 a.m.•19 views

Cross site scripting

5.8CVSS6AI score0.01805EPSS

CVE•added 2023/10/20 6:35 a.m.•33 views

CVE-2022-4712

The CVE-2022-4712 entry applies to the WordPress WP Cerber Security plugin (versions up to 9.1). The vulnerability is a stored cross-site scripting (XSS) in the log parameter during login, exploitable by unauthenticated attackers. Impact: injected scripts execute in pages accessed by users, with ...

7.2CVSS5.9AI score0.01805EPSS

Vulnrichment•added 2023/10/20 6:35 a.m.•4 views

CVE-2022-4712 WP Cerber Security <= 9.1 - Unauthenticated Stored Cross-Site Scripting

7.2CVSS6.8AI score0.01805EPSS

Exploits0References2

Positive Technologies•added 2023/10/19 12:0 a.m.•4 views

PT-2023-15174 · WordPress · Wp Cerber Security

Name of the Vulnerable Software and Affected Versions: WP Cerber Security plugin for WordPress versions up to, and including, 9.1 Description: The issue allows unauthenticated attackers to inject arbitrary web scripts in pages via the log parameter when logging in to the site. This makes it...

7.2CVSS6.8AI score0.01805EPSS

Exploits0References5

NVD•added 2023/01/02 10:15 p.m.•9 views

CVE-2022-4417

5.3CVSS5.3AI score0.0044EPSS