3 matches found
CVE-2022-1613
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations...
CVE-2022-1613
The CVE-2022-1613 issue affects the Restricted Site Access WordPress plugin (versions before 7.3.2). The root cause is the plugin prioritizing certain HTTP headers over PHP’s REMOTE_ADDR when obtaining a visitor IP, enabling bypass of IP-based restrictions in some scenarios. The vulnerability is ...
CVE-2022-1613 Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations...