cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-4539,https://securityvulnerability.io/vulnerability/CVE-2022-4539,WordPress WAF Vulnerable to IP Address Spoofing,"The Web Application Firewall plugin for WordPress is susceptible to IP Address Spoofing due to insufficient filtering of the IP Address information utilized for logging and enforcing login restrictions. Attackers can exploit this vulnerability by modifying the X-Forwarded-For header to present a falsified IP Address. This manipulation can allow attackers to bypass restrictions that are designed to prevent access from specific IP addresses or geographical locations, thus compromising the integrity of the access control measures implemented by the website.",Wordpress,Web Application Firewall – Website Security,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-08-31T09:35:55.748Z,0
CVE-2024-2172,https://securityvulnerability.io/vulnerability/CVE-2024-2172,Privilege Escalation in Malware Scanner and Web Application Firewall for WordPress by MiniOrange,"The Malware Scanner and the Web Application Firewall plugins for WordPress, developed by MiniOrange, exhibit a vulnerability that allows unauthenticated attackers to escalate their privileges due to a missing capability check in the mo_wpns_init() function. This flaw affects all versions of the Malware Scanner up to and including 4.7.2 and the Web Application Firewall up to and including 2.1.1. Attackers exploiting this vulnerability can gain administrative access, posing serious risks to website integrity and security.",Wordpress,"Web Application Firewall – Website Security,Malware Scanner",9.8,CRITICAL,0.00044999999227002263,false,,false,false,false,,false,false,2024-03-13T15:26:53.433Z,0