WordPress Plugin Vulnerabilities

DoLogin Security < 3.7 - IP Spoofing

Description

The plugin uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing.

Proof of Concept

1. Send login request with x-forwarded-for: [REDACTED_IP]
2. See spoofed IP address in the "Login Attempts Log"

Affects Plugins

Plugin icon
dologin
Fixed in 3.7

References

CVE
CVE-2023-4631

Classification

Type
SPOOFING
OWASP top 10
A5: Broken Access Control
CWE
CWE-290
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Bartlomiej Marek and Tomasz Swiadek
Submitter
Bartlomiej Marek
Verified
Yes
WPVDB ID
28613fc7-1400-4553-bcc3-24df1cee418e

Timeline

Publicly Published
2023-08-28 (about 8 months ago)
Added
2023-08-30 (about 8 months ago)
Last Updated
2023-08-30 (about 8 months ago)

Other

Published
Title
Published
2023-11-06
Title
Security & Malware scan by CleanTalk < 2.121 - IP Spoofing
Published
2024-03-28
Title
IP Blocker Lite <= 11.1.1 - IP Spoofing
Published
2023-12-27
Title
RegistrationMagic < 5.2.5.1 - IP Spoofing
Published
2024-01-29
Title
User Activity Tracking and Log < 4.1.4 - IP Spoofing
Published
2023-12-27
Title
Rate my Post < 3.4.3 - IP Spoofing