Lucene search
K

120 matches found

OSV
OSV
added 2024/06/04 7:15 a.m.4 views

CVE-2023-37865

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1...

5.3CVSS5.8AI score0.0035EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 7:11 a.m.29 views

CVE-2023-37865 WordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1...

5.3CVSS5.3AI score0.0035EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 7:11 a.m.14 views

CVE-2023-37865 WordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1...

5.3CVSS7AI score0.0035EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/04 12:0 a.m.14 views

PT-2024-12652 · Ip2Location · Ip2Location Country Blocker

Name of the Vulnerable Software and Affected Versions: Download IP2Location Country Blocker versions 2.29.1 and earlier Description: The issue is related to an Authentication Bypass by Spoofing vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations:...

5.3CVSS7.2AI score0.0035EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2024/04/17 12:0 a.m.16 views

Download IP2Location Country Blocker < 2.34.3 - Cross-Site Request Forgery

Description The Download IP2Location Country Blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.34.2. This is due to missing or incorrect nonce validation on the validateapikey function. This makes it possible for unauthenticated attackers...

8.8CVSS6.4AI score0.00241EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/15 8:15 a.m.16 views

CVE-2024-32443

Cross-Site Request Forgery CSRF vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2...

8.8CVSS4.6AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2024/04/15 8:15 a.m.7 views

CVE-2024-32443

Cross-Site Request Forgery CSRF vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 7:59 a.m.56 views

CVE-2024-32443

CVE-2024-32443 is a CSRF vulnerability in the IP2Location Download IP2Location Country Blocker (WordPress plugin). Affected software: IP2Location Country Blocker Download, from n/a through 2.34.2. The vulnerability has high impact per NVD metrics (confidentiality, integrity, and availability all ...

8.8CVSS5.1AI score0.00241EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/15 7:59 a.m.14 views

CVE-2024-32443 WordPress IP2Location Country Blocker plugin <= 2.34.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2...

4.3CVSS7AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 7:59 a.m.25 views

CVE-2024-32443 WordPress IP2Location Country Blocker plugin <= 2.34.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2...

4.3CVSS4.9AI score0.00241EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.5 views

PT-2024-24574 · Ip2Location · Ip2Location Country Blocker

Name of the Vulnerable Software and Affected Versions: IP2Location Download IP2Location Country Blocker versions n/a through 2.34.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

8.8CVSS6.5AI score0.00241EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.5 views

WordPress Plugin IP2Location Country Blocker 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin IP2Location Country Blocker A...

8.8CVSS6.5AI score0.00241EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/12 4:2 p.m.5 views

WordPress IP2Location Country Blocker plugin <= 2.34.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Download IP2Location Country Blocker versions = 2.34.2...

8.8CVSS7AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.11 views

WordPress Download IP2Location Country Blocker Plugin <= 2.34.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Download IP2Location Country Blocker Type Plugin Vulnerable versions = 2.34.2 Fixed in 2.34.3 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-32443 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b294727f0190 Credits...

8.8CVSS6.6AI score0.00241EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/01/24 12:15 p.m.20 views

CVE-2024-22294

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

7.5CVSS6AI score0.00453EPSS
Exploits0References1
Prion
Prion
added 2024/01/24 12:15 p.m.20 views

Cross site scripting

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

5CVSS7.1AI score0.00453EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/24 12:5 p.m.22 views

CVE-2024-22294 WordPress Download IP2Location Country Blocker Plugin <= 2.33.3 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

5.3CVSS7.7AI score0.00453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/24 12:5 p.m.17 views

CVE-2024-22294 WordPress Download IP2Location Country Blocker Plugin <= 2.33.3 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3...

5.3CVSS6.8AI score0.00453EPSS
Exploits0References1
CVE
CVE
added 2024/01/24 12:5 p.m.39 views

CVE-2024-22294

CVE-2024-22294 affects the WordPress plugin IP2Location Country Blocker, classified as Information Disclosure. Public sources confirm that versions up to 2.33.3 store or expose sensitive data via a debug/log mechanism, allowing unauthenticated access to sensitive information. Remediation is to up...

7.5CVSS7.8AI score0.00453EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.3 views

WordPress plugin IP2Location Country Blocker Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. An information disclosure vulnerability exists in the...

7.5CVSS6.2AI score0.00453EPSS
Exploits0References2
Rows per page
Query Builder