CVE-2023-0816

Sažetak

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections.

Reference

https://wpscan.com/vulnerability/a281f63f-e295-4666-8a08-01b23cd5a744
https://wpscan.com/vulnerability/a281f63f-e295-4666-8a08-01b23cd5a744

CVSS

Base:	6.5
Impact:	2.5
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Zadnje važnije ažuriranje

19-02-2025 - 17:15

Objavljeno

27-03-2023 - 16:15