PT-2026-25141
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTP CLIENT IP or HTTP X FORWARDED FOR headers to spoof their IP address and circumve...