2 matches found
CVE-2022-1600 YOP Poll < 6.4.3 - IP Spoofing
The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...
CVE-2022-1600
The CVE-2022-1600 entry concerns the WordPress YOP Poll plugin prior to version 6.4.3. The underlying issue is that the plugin prioritizes obtaining a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, enabling bypass of IP-based voting limitations in some scenarios. Affected: YOP Pol...