Wpcerber

wpcerber

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Cerber Security Antispam & Malware Scan

cerber_security_antispam_&_malware_scan

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-4100 1Wpcerber 1Cerber Security Antispam & Malware Scan Sep 20, 2024 Aug 31, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attac...Show more The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the X-Forwarded-For: HTTP header to an IP Address that hasn't been blocked.Show less
CVE-2021-37598 1Wpcerber 1Wp Cerber Nov 21, 2024 Aug 19, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
CVE-2021-37597 1Wpcerber 1Wp Cerber Nov 21, 2024 Aug 19, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation.
CVE-2016-10990 1Wpcerber 1Cerber Security Antispam & Malware Scan Nov 21, 2024 Sep 17, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header.