Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

wpexploit
wpexploitadded 2022/12/27 12:0 a.m.550 views

WP Limit Login Attempts <= 2.6.4 - IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based restrictions on login forms. Set HTTPCLIENTIP or HTTPXFORWARDEDFOR as used in wplimitgetip to spoof the IP address and bypass the block...

7.5CVSS0.7AI score0.00125EPSS
Exploits2
NVD
NVDadded 2021/10/05 12:15 p.m.9 views

CVE-2021-35503

Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs...

6.1CVSS0.0024EPSS
Exploits1References2
Vulnerability Lab
Vulnerability Labadded 2016/09/06 12:0 a.m.19 views

Parse HTTP X-Forwarded Header Attack Redirect

Document Title: =============== Parse HTTP X-Forwarded Header Attack Redirect References: =========== https://www.vulnerability-lab.com/getcontent.php?id=1944 PoC Video: https://www.youtube.com/watch?v=gpYe-hun8Xk Vulnerability Magazine:...

7.4AI score
Exploits0
Rows per page
Query Builder