The plugin does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it’s block feature by spoofing the headers.
curl -i -H ‘CF-CONNECTING-IP: 0.0.0.0’ https://example.com
CPE | Name | Operator | Version |
---|---|---|---|
iq-block-country | eq | * |