Lucene search

K
Ip2locationCountry Blocker*

8 matches found

CVE
CVE
β€’added 2025/02/22 9:15 a.m.β€’48 views

CVE-2025-1361

The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admin_init() function. This makes it possible for unauthenticated attackers to view the plugin's settings.

7.5CVSS7.3AI score0.00109EPSS
CVE
CVE
β€’added 2022/02/07 4:15 p.m.β€’47 views

CVE-2021-25096

The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL

6.5CVSS6.4AI score0.00172EPSS
CVE
CVE
β€’added 2024/04/15 8:15 a.m.β€’44 views

CVE-2024-32443

Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2.

8.8CVSS6.8AI score0.00171EPSS
CVE
CVE
β€’added 2025/01/24 6:15 p.m.β€’44 views

CVE-2025-24731

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker allows Stored XSS. This issue affects Download IP2Location Country Blocker: from n/a through 2.38.3.

5.9CVSS5.7AI score0.00038EPSS
CVE
CVE
β€’added 2022/02/07 4:15 p.m.β€’37 views

CVE-2021-25095

The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and CSRF checks in the ip2location_country_blocker_save_rules AJAX action, allowing any authenticated users, such as subscriber to call it and block arbitrary country, or block all of them at once, preventing...

7.1CVSS6.9AI score0.0016EPSS
CVE
CVE
β€’added 2022/02/07 4:15 p.m.β€’34 views

CVE-2021-25108

The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the ip2location_country_blocker_save_rules AJAX action, allowing attackers to make a logged in admin block arbitrary country, or block all of them at once, preventing users from accessing the frontend.

7.1CVSS6.8AI score0.00089EPSS
CVE
CVE
β€’added 2024/06/04 7:15 a.m.β€’30 views

CVE-2023-37865

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1.

5.3CVSS5.3AI score0.00112EPSS
CVE
CVE
β€’added 2024/01/24 12:15 p.m.β€’30 views

CVE-2024-22294

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3.

7.5CVSS7.6AI score0.00282EPSS