Lucene search
K

4 matches found

CVE
CVE
added 2024/05/29 6:0 a.m.70 views

CVE-2024-3050

The CVE-2024-3050 entry concerns the WordPress plugin Site Reviews. Public records show the plugin before version 7.0.0 retrieves client IP addresses from untrusted headers, allowing an attacker to manipulate the value and potentially bypass IP-based blocking. Red Hat’s advisory and Patchstack de...

9.1CVSS9.2AI score0.00565EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/29 6:0 a.m.20 views

CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking...

6.7AI score0.00565EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/05/29 6:0 a.m.46 views

CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking...

9.4AI score0.00565EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/05/29 12:0 a.m.17 views

WordPress Site Reviews Plugin < 7.0.0 is vulnerable to Bypass Vulnerability

Software Site Reviews Type Plugin Vulnerable versions 7.0.0 Fixed in 7.0.0 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-3050 Patch priority Low CVSS severity Low 5.3 Developer Gemini Labs PSID f2c354c46a11 Credits Sławomir Zakrzewski Maksymilian Kubiak AFINE...

9.1CVSS6.5AI score0.00565EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder