CVE-2022-1762

Published: Jun 13, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The iQ Block Country WordPress plugin before 1.2.20 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.

Affected (1)

Products: Webence: Iq Block Country

Webence

1 product

Iq Block Country

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Webence Iq Block Country	Up to 1.2.13

References (2)

https://wpscan.com/vulnerability/03254977-37cc-4365-979b-326f9637be85

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/03254977-37cc-4365-979b-326f9637be85

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.