Description The plugin is vulnerable to IP Spoofing due to insufficient validation of IP addresses, allowing unauthenticated attackers to bypass the plugin’s maintenance mode restriction via the ‘X-Forwarded-For’ HTTP header.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.0.7 |