2 matches found
CVE-2022-4097
The CVE-2022-4097 entry concerns the All-In-One Security (AIOS) WordPress plugin prior to 5.0.8. The root cause is IP spoofing via headers (e.g., HTTP_X_REAL_IP/HTTP_X_FORWARDED_FOR) in get_user_ip_address(), allowing attackers to bypass security controls such as IP blocks, rate limiting, and bru...
CVE-2022-4097 All In One WP Security & Firewall < 5.0.8 - IP Spoofing
The All-In-One Security AIOS WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features like IP blocks, rate limiting, brute force protection, and more...