4 matches found
CVE-2022-2362
The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based download blocking restrictions...
CVE-2022-2362
The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based download blocking restrictions...
CVE-2022-2362
CVE-2022-2362 affects the WordPress Download Manager plugin (versions prior to 3.2.50). The root cause is the plugin prioritizing certain HTTP headers over PHP’s REMOTE_ADDR to identify visitor IPs, enabling bypass of IP-based download-block restrictions. Affected product: WordPress Download Mana...
CVE-2022-2362 Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction
The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based download blocking restrictions...