History: Dec 12, 2022 - 6:15 p.m.

CVE-2022-4097

2022-12-12 18:15:13
CWE-639
WPScan
web.nvd.nist.gov
Tags: all-in-one security, aios, wordpress, plugin, cve-2022-4097, ip spoofing, security features, vulnerability

CVSS3: 5.3

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS: 0.001
Percentile: 33.3%

The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).

Affected configurations

Node: updraftplus all-in-one_security, Range <5.0.8, wordpress

Vendor: updraftplus
Product: all-in-one_security
Version: *
CPE: cpe:2.3:a:updraftplus:all-in-one_security:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "All-In-One Security (AIOS)",
    "collectionURL": "https://wordpress.org/plugins",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "5.0.8"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
