WordPress Plugin Vulnerabilities

FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing

Description

The plugin prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass the IP-based blocks set by the plugin.

Proof of Concept

Set HTTP_X_REAL_IP, HTTP_X_FORWARDED_FOR, HTTP_CF_CONNECTING_IP or HTTP_CLIENT_IP to spoof the IP address.

Affects Plugins

Plugin icon
fluent-security
Fixed in 1.0.2

References

CVE
CVE-2022-4746

Miscellaneous

Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
https://magos-securitas.com
Verified
Yes
WPVDB ID
62e3babc-00c6-4a35-972f-8f03ba70ba32

Timeline

Publicly Published
2022-12-27 (about 1 years ago)
Added
2022-12-27 (about 1 years ago)
Last Updated
2022-12-28 (about 1 years ago)

Other

Published
Title
Published
2014-09-17
Title
WordPress Mobile Pack 1.0.8223 - 2.0.1 Password Protected Post Disclosure
Published
2020-09-22
Title
Ninja Forms < 3.4.27.1 - Validation Bypass via Email Field
Published
2018-02-08
Title
Swape Theme - Authentication Bypass and Stored XSS
Published
2015-05-26
Title
Estrutura-Basica - Local File Download
Published
2022-04-07
Title
SiteGround Security < 1.2.6 - Authorization Weakness to Authentication Bypass via 2-FA Back-up Codes