4 matches found
CVE-2024-3050
The CVE-2024-3050 entry concerns the WordPress plugin Site Reviews. Public records show the plugin before version 7.0.0 retrieves client IP addresses from untrusted headers, allowing an attacker to manipulate the value and potentially bypass IP-based blocking. Red Hat’s advisory and Patchstack de...
CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking...
CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking...
WordPress Site Reviews Plugin < 7.0.0 is vulnerable to Bypass Vulnerability
Software Site Reviews Type Plugin Vulnerable versions 7.0.0 Fixed in 7.0.0 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-3050 Patch priority Low CVSS severity Low 5.3 Developer Gemini Labs PSID f2c354c46a11 Credits Sławomir Zakrzewski Maksymilian Kubiak AFINE...