CVE-2022-1165
The CVE-2022-1165 issue affects the WordPress plugin “Blackhole for Bad Bots” prior to version 3.3.2. The vulnerability arises because the plugin uses HTTP headers (e.g., CF-CONNECTING-IP, CLIENT-IP) to determine the requester’s IP, which can be spoofed, enabling arbitrary IP blocking or unblocki...