EUVD-2025-203209

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

CVE-2025-11707

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

CVE-2025-11707 Login Lockdown & Protection <= 2.14 - IP Block Bypass

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

PT-2025-51054

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

EUVD-2024-16575

Malicious code in bioql PyPI...

CVE-2024-0787

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'getuserip' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the...

PT-2024-15819 · Phpipam · Phpipam

Name of the Vulnerable Software and Affected Versions: phpIPAM version 1.5.1 Description: The issue allows an attacker to bypass the IP block mechanism, enabling brute force attacks on user accounts, including the admin account, by utilizing the 'X-Forwarded-For' header. This is due to the get us...

CVE-2021-4226 RSFirewall < 1.1.25 - IP Block Bypass

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...

WordPress RSFirewall! plugin <= 1.1.24 - IP Block Bypass vulnerability

IP Block Bypass vulnerability discovered by Daniel Ruf in WordPress RSFirewall! plugin versions = 1.1.24. Solution Update the WordPress RSFirewall! plugin to the latest available version at least 1.1.25...

UBUNTU-CVE-2019-12472

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks $wgBlockCIDRLimit by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

Jax PHP Scripts 1.0/1.34/2.14/3.31 ips2block Banned IP List Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...