CVE-2014-6230CVE-2014-6230

Affected configuration(s):

cpe:/a:wp_ban_project:wp_ban:1.6.3::~~~wordpress~~

Date published: 2014-10-24T20:55:03.867-04:00

Date last modified: 2014-10-27T10:58:22.027-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://seclists.org/fulldisclosure/2014/Sep/60

Summary: WP-Ban plugin before 1.6.4 for WordPress, when running in certain configurations, allows remote attackers to bypass the IP blacklist via a crafted X-Forwarded-For header.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.