CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
9.1CVSS
9.2AI Score
0.002EPSS
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
6.1CVSS
6.2AI Score
0.001EPSS