Lucene search
HistoryDec 12, 2022 - 6:15 p.m.
CVE-2022-4097
wordpress
plugin
ip spoofing
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
33.3%
The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).
Affected configurations
Node
updraftplusall-in-one_securityRange<5.0.8wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| updraftplus | all-in-one_security | * | cpe:2.3:a:updraftplus:all-in-one_security:*:*:*:*:*:wordpress:*:* |
Related
wpexploit
wpexploit
All In One WP Security & Firewall < 5.0.8 - IP Spoofing
2022-11-21 00:00:00
prion
prion
Design/Logic Flaw
2022-12-12 18:15:00
openvas
openvas
wpvulndb
wpvulndb
All In One WP Security & Firewall < 5.0.8 - IP Spoofing
2022-11-21 00:00:00
cve
cve
CVE-2022-4097
2022-12-12 18:15:13
cvelist
cvelist
CVE-2022-4097 All In One WP Security & Firewall < 5.0.8 - IP Spoofing
2022-12-12 17:54:35
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
33.3%
Related for NVD:CVE-2022-4097