WordPress Plugin Vulnerabilities
FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing
Description
The plugin prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass the IP-based blocks set by the plugin.
Proof of Concept
Set HTTP_X_REAL_IP, HTTP_X_FORWARDED_FOR, HTTP_CF_CONNECTING_IP or HTTP_CLIENT_IP to spoof the IP address.
Affects Plugins
References
CVE
Miscellaneous
Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-12-27 (about 1 years ago)
Added
2022-12-27 (about 1 years ago)
Last Updated
2022-12-28 (about 1 years ago)