4 matches found
CVE-2022-4533
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4533
CVE-2022-4533 affects the WordPress plugin Limit Login Attempts Plus up to version 1.1.0. The vulnerability stems from insufficient restrictions on where the IP Address is retrieved for request logging and login restrictions, allowing an attacker to spoof the IP via the X-Forwarded-For header and...
CVE-2022-4533 Limit Login Attempts Plus <= 1.1.0 - IP Address Spoofing to Protection Mechanism Bypass
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
WordPress Limit Login Attempts Plus Plugin <= 1.1.0 is vulnerable to Bypass Vulnerability
Software Limit Login Attempts Plus Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2022-4533 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f25a9e92bf81 Credits rezaduty Required privilege...