CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1601

The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v3 Score 5.3

References

https://wpscan.com/vulnerability/f6d3408c-2ceb-4a89-822b-13f5272a5fce
https://wpscan.com/vulnerability/f6d3408c-2ceb-4a89-822b-13f5272a5fce

Products affected by CVE-2022-1601

Alexanderschneider » User Access Manager » Version: Any

cpe:2.3:a:alexanderschneider:user_access_manager:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1601

Products

Pricing

Contact Us