120 matches found
CVE-2025-1502
The IP2Location Redirection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'downloadip2locationredirectionbackup' AJAX action in all versions up to, and including, 1.33.3. This makes it possible for unauthenticated attackers to download...
CVE-2025-1502 IP2Location Redirection <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export
The IP2Location Redirection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'downloadip2locationredirectionbackup' AJAX action in all versions up to, and including, 1.33.3. This makes it possible for unauthenticated attackers to download...
CVE-2025-1502 IP2Location Redirection <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export
The IP2Location Redirection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'downloadip2locationredirectionbackup' AJAX action in all versions up to, and including, 1.33.3. This makes it possible for unauthenticated attackers to download...
CVE-2025-1502
CVE-2025-1502 affects the WordPress plugin IP2Location Redirection (versions up to and including 1.33.3). The issue is a missing capability check on the AJAX action download_ip2location_redirection_backup , allowing unauthenticated attackers to download the plugin’s settings. Public sources in th...
WordPress plugin IP2Location Redirection 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-9159 · WordPress · Ip2Location Redirection
Name of the Vulnerable Software and Affected Versions: IP2Location Redirection plugin for WordPress versions up to, and including, 1.33.3 Description: The issue allows unauthorized access to data due to a missing capability check on the 'download ip2location redirection backup' AJAX action. This...
WordPress IP2Location Redirection plugin <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export vulnerability
Missing Authorization to Unauthenticated Settings Export vulnerability discovered by Krzysztof Zając in WordPress Plugin IP2Location Redirection versions = 1.33.3...
CVE-2025-1361
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admininit function. This makes it possible for unauthenticated attackers to view the plugin's settings...
CVE-2025-1361 IP2Location Country Blocker <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admininit function. This makes it possible for unauthenticated attackers to view the plugin's settings...
CVE-2025-1361
CVE-2025-1361 affects the IP2Location Country Blocker WordPress plugin. The vulnerability stems from missing capability checks in admin_init(), enabling unauthenticated attackers to view the plugin’s settings. It affects all versions up to and including 2.38.8. The connected Red Hat and Wordfence...
CVE-2025-1361 IP2Location Country Blocker <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admininit function. This makes it possible for unauthenticated attackers to view the plugin's settings...
WordPress plugin IP2Location Country Blocker 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An authorization issue vulnerability exists in...
WordPress IP2Location Country Blocker plugin <= 2.38.8 - Missing Authorization to Unauthenticated Information Exposure via admin_init Function vulnerability
Missing Authorization to Unauthenticated Information Exposure via admininit Function vulnerability discovered by abrahack in WordPress Plugin Download IP2Location Country Blocker versions = 2.38.8...
CVE-2025-24731
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IP2Location Download IP2Location Country Blocker allows Stored XSS. This issue affects Download IP2Location Country Blocker: from n/a through 2.38.3...
CVE-2025-24731
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IP2Location Download IP2Location Country Blocker ip2location-country-blocker allows Stored XSS.This issue affects Download IP2Location Country Blocker: from n/a through = 2.38.3...
CVE-2025-24731 WordPress IP2Location Country Blocker plugin <= 2.38.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IP2Location Download IP2Location Country Blocker ip2location-country-blocker allows Stored XSS.This issue affects Download IP2Location Country Blocker: from n/a through = 2.38.3...
CVE-2025-24731
CVE-2025-24731 = Stored Cross-Site Scripting in WordPress plugin “IP2Location Country Blocker” (versions up to 2.38.3). The issue arises from improper input neutralization during web page generation, enabling attackers to inject malicious scripts that could be stored and later executed in unsuspe...
WordPress IP2Location Country Blocker plugin <= 2.38.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Malvin Valerian Gultom in WordPress Plugin Download IP2Location Country Blocker versions = 2.38.3...
PT-2025-5545 · Ip2Location · Ip2Location Country Blocker
Name of the Vulnerable Software and Affected Versions: IP2Location Country Blocker versions prior to 2.38.3 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS attacks. This means that an attacker can...
CVE-2023-37865
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1...