Lucene search
+L
WebenceIq Block Country

4 matches found

CVE
CVE
added 2022/04/11 2:40 p.m.82 views

CVE-2022-0246

CVE-2022-0246 affects WordPress plugin iQ Block Country prior to 1.2.13. The plugin’s backup/import flow extracts uploaded zip contents file-by-file and checks for existence before deletion, enabling a Zip Slip path where an authorized user can cause arbitrary file deletion by uploading a crafted...

4.9CVSS4.9AI score0.03315EPSS
CVE
CVE
added 2022/06/13 12:42 p.m.79 views

CVE-2022-1762

CVE-2022-1762 affects the WordPress plugin iQ Block Country prior to version 1.2.20. The root cause is improper HTTP header validation used to determine the origin IP, which allows an attacker to bypass the plugin’s block feature by spoofing headers. Public sources in the connected documents corr...

7.5CVSS7.4AI score0.01191EPSS
CVE
CVE
added 2021/09/23 3:7 p.m.75 views

CVE-2021-36873

CVE-2021-36873 affects WordPress plugin iQ Block Country (versions = 1.2.12). If upgrading is not feasible, apply mitigations per the patch sources. The connected documents confirm the vulnerability and the recommended fix; exploitation details are not provided beyond the general XSS description.

5.5CVSS5.3AI score0.01225EPSS
CVE
CVE
added 2022/11/18 11:17 p.m.66 views

CVE-2022-41155

CVE-2022-41155 is a Block BYPASS vulnerability in the WordPress iQ Block Country plugin, affecting versions prior to 1.2.19. The NVD indicates a critical impact (CVSSv3.1 base score 9.8; HIGH confidentiality, integrity, and availability impacts). Patch guidance from connected sources recommends u...

9.8CVSS7.3AI score0.00664EPSS