The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/28613fc7-1400-4553-bcc3-24df1cee418e | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-09-25T15:56:54.321Z
Updated: 2023-09-25T15:56:54.321Z
Reserved: 2023-08-30T13:37:17.179Z
Link: CVE-2023-4631
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-25T16:15:15.450
Modified: 2023-11-07T04:22:48.020
Link: CVE-2023-4631
JSON object: View
Redhat Information
No data.
CWE
No CWE.