Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:34 a.m.7 views

CVE-2022-4533

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...

5.3CVSS6.6AI score0.00218EPSS
Exploits0References1
CVE
CVE
added 2024/09/19 3:59 a.m.50 views

CVE-2022-4533

CVE-2022-4533 affects the WordPress plugin Limit Login Attempts Plus up to version 1.1.0. The vulnerability stems from insufficient restrictions on where the IP Address is retrieved for request logging and login restrictions, allowing an attacker to spoof the IP via the X-Forwarded-For header and...

5.3CVSS5.6AI score0.00218EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/19 3:59 a.m.12 views

CVE-2022-4533 Limit Login Attempts Plus <= 1.1.0 - IP Address Spoofing to Protection Mechanism Bypass

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...

5.3CVSS6.6AI score0.00218EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/09/19 12:0 a.m.10 views

WordPress Limit Login Attempts Plus Plugin <= 1.1.0 is vulnerable to Bypass Vulnerability

Software Limit Login Attempts Plus Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2022-4533 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f25a9e92bf81 Credits rezaduty Required privilege...

5.3CVSS6.6AI score0.00218EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder