The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass bruteforce protection.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/1d748f91-773b-49d6-8f68-a27d397713c3 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-11-27T16:22:00.577Z
Updated: 2023-11-27T16:22:00.577Z
Reserved: 2023-09-27T17:21:24.474Z
Link: CVE-2023-5239
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-27T17:15:08.787
Modified: 2023-12-01T19:22:45.963
Link: CVE-2023-5239
JSON object: View
Redhat Information
No data.
CWE