WordPress Plugin Vulnerabilities

Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction

Description

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions.

Proof of Concept

When downloading a file, add an X-Forwarded-For header that contains a random IP address to your request.

Affects Plugins

Plugin icon
download-manager
Fixed in 3.2.50

References

CVE
CVE-2022-2362

Miscellaneous

Original Researcher
Raad Haddad of Cloudyrion GmbH
Submitter
Raad Haddad of Cloudyrion GmbH
Submitter twitter
raadfhaddad
Verified
Yes
WPVDB ID
d94b721e-9ce2-45e5-a673-2a57b0137653

Timeline

Publicly Published
2022-08-01 (about 1 years ago)
Added
2022-08-01 (about 1 years ago)
Last Updated
2023-04-29 (about 1 years ago)

Other

Published
Title
Published
2017-02-01
Title
WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification via REST API
Published
2020-05-26
Title
Drag and Drop Multiple File Upload for Contact Form 7 < 1.3.3.3 - Unauthenticated File Upload Bypass
Published
2021-08-05
Title
User Rights Access Manager < 1.0.8 - Access Restriction Bypass
Published
2020-01-08
Title
Minimal Coming Soon & Maintenance Mode < 2.17 - Insecure permissions: Export Settings/Theme Change
Published
2023-11-16
Title
LWS Hide Login < 2.1.9 - Protection Mechanism Bypass