7 matches found
CVE-2022-4550
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...
WordPress User Activity Plugin <= 1.0.1 is vulnerable to Content Spoofing
Software User Activity Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Content Spoofing CVE CVE-2022-4550 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ff21fa6bc6ad Credits rezaduty Required privilege...
CVE-2022-4550
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...
CVE-2022-4550
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...
CVE-2022-4550
CVE-2022-4550 concerns the WordPress plugin “User Activity” up to version 1.0.1. The vulnerability arises because the plugin checks HTTP headers such as X-Forwarded-For to obtain the request IP address, which can allow IP spoofing. The documented impact (per NVD) indicates a high severity (CVSS v...
CVE-2022-4550 User Activity <= 1.0.1 - IP Spoofing
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...
CVE-2022-4550 User Activity <= 1.0.1 - IP Spoofing
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...