Skip to content

Features
Pricing

Search

WordPress Plugin Vulnerabilities

Hide My WP Ghost – Security < 5.0.20 - IP Address Spoofing

Description

The plugin does not adequately restrict where IP Address information is retrieved from, leading to an IP Address Spoofing vulnerabilities. Attackers may use this to bypass IP blocking features provided by the plugin.

Affects Plugins

Fixed in 5.0.20

References

CVE

Miscellaneous

Original Researcher

Mohammadreza Rashidi

Verified

No

WPVDB ID

0ded58d4-5b94-4e74-863e-639935ee2758

Timeline

Publicly Published

2023-05-08 (about 3 years ago)

Added

2023-05-09 (about 3 years ago)

Last Updated

2023-05-09 (about 3 years ago)

Other

Published

Title

Published

2024-09-17

Title

WP Hardening – Fix Your WordPress Security < 1.2.7 - Unauthenticated Security Feature Bypass to Username Enumeration

Published

2018-08-26

Title

Ajax BootModal Login <= 1.4.3 - Captcha Reuse

Published

2020-02-29

Title

Booked < 2.2.6 - Broken Authentication to Export Users Data in CSV

Published

2017-01-11

Title

WordPress 4.7 - User Information Disclosure via REST API

Published

2025-01-03

Title

reCaptcha by BestWebSoft < 1.79 - CAPTCHA Bypass

Vulnerabilities

WordPress
Plugins
Themes
Our Stats
Submit vulnerabilities

About

How it works
Pricing
WordPress plugin
Blog
Contact

For Developers

Status
API details
CLI scanner

Other

Privacy
Terms of service
Submission terms
Disclosure policy
Privacy Notice for California Users

In partnership with Jetpack

GitHub
Twitter
Facebook

An

endeavor

Subscribe Subscribed
- WPScan
- Already have a WordPress.com account? Log in now.