CVE-2022-4539

Published: Aug 31, 2024Modified: Sep 19, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: security@wordfence.com (Secondary)

Description

The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.

Affected (1)

Products: Miniorange: Web Application Firewall

1 product

Web Application Firewall

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Miniorange Web Application Firewall	Before 2.1.3

Related CWEs

Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Use of Less Trusted Source

The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

References (2)

https://plugins.trac.wordpress.org/changeset/3055548/web-application-firewall/trunk/helper/utility.php

Source: security@wordfence.com

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/0e99531c-8742-4f91-8525-65bb3cb06644?source=cve

Source: security@wordfence.com

Third Party Advisory

Timeline

No history available yet.