6 matches found
CVE-2023-4279
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2023-4279
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2023-4279 User Activity Log < 1.6.7 - IP Spoofing
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2023-4279
The CVE-2023-4279 entry concerns the WordPress plugin “User Activity Log” prior to version 1.6.7. The vulnerability arises because the plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate the perceived source of traffic, which could facilitat...
CVE-2022-4367
Rejected reason: Duplicate, use CVE-2023-4279 instead...
Open redirect
Rejected reason: Duplicate, use CVE-2023-4279 instead...