WordPress Plugin Vulnerabilities

Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing

Description

The plugin does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.

Proof of Concept

The function wantispamp_get_ip() is vulnerable to IP spoofing because of the general usage of $_SERVER['HTTP_X_FORWARDED_FOR']
curl -i -H 'X_FORWARDED_FOR: 0.0.0.0' https://example.com

Affects Plugins

Plugin icon
anti-spam
Fixed in 7.3.1

References

CVE
CVE-2022-2877

Miscellaneous

Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
https://daniel-ruf.de
Verified
Yes
WPVDB ID
f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68

Timeline

Publicly Published
2022-08-17 (about 1 years ago)
Added
2022-08-17 (about 1 years ago)
Last Updated
2023-05-10 (about 1 years ago)

Other

Published
Title
Published
2015-03-12
Title
Custom Field Suite <= 2.4 - Insufficient Authorisation
Published
2023-06-19
Title
CMS Commander < 2.288 - Unauthenticated Authorisation Bypass
Published
2019-01-16
Title
Social Network Tabs - Social Media API Key Leakage
Published
2022-10-28
Title
Login Block IPs <= 1.0.0 - IP Spoofing Bypass
Published
2014-12-02
Title
InfiniteWP Client <= 1.3.7 - Privilege Escalation