The AA Block Country plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.0.1. This is due to the plugin trusting user-supplied headers such as HTTP_X_FORWARDE
The Security, Antivirus, Firewall – S.A.F plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.3.5. This is due to insufficient restrictions on where the IP Ad
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address informa
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass
The xmlrpc attacks blocker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0, via the 'X-Forwarded-For' HTTP header. This is due to the plugin tru
The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admin_init() fun
The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.3. This is due to insufficient restrictions on where the IP Add
The Country Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and out
The OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) plugin for WordPress is vulnerable to IP Header Spoofing in all versions up to, and including, 1.2.53. This is due to
The Password Protected plugin for WordPress is vulnerable to authorization bypass via IP address spoofing in all versions up to, and including, 2.7.11. This is due to the plugin trusting client-contro
The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. This is due to insufficient restrictions on where the IP Addr
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it p
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to
The Apptivo Business Site CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.3. This is due to missing or incorrect nonce validation on the 'a
The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generatin
WordPress Plugin IP2Location Country Blocker 2.26.7 contains a stored cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code through the Frontend Settin
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address inform
The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock_key key being insufficiently random allowing u
The Country Blocker for AdSense plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the CBFA_guardar_
Page 1+ Next →