CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4303

The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.0%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2022-4303

Ciphercoin » Wp Limit Login Attempts » Version: 1.0

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:1.0
Ciphercoin » Wp Limit Login Attempts » Version: 2.0

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.0
Ciphercoin » Wp Limit Login Attempts » Version: 2.3.1

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.3.1
Ciphercoin » Wp Limit Login Attempts » Version: 2.3.2

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.3.2
Ciphercoin » Wp Limit Login Attempts » Version: 2.3.3

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.3.3
Ciphercoin » Wp Limit Login Attempts » Version: 2.4

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.4
Ciphercoin » Wp Limit Login Attempts » Version: 2.4.1

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.4.1
Ciphercoin » Wp Limit Login Attempts » Version: 2.6

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.6
Ciphercoin » Wp Limit Login Attempts » Version: 2.6.1

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.6.1
Ciphercoin » Wp Limit Login Attempts » Version: 2.6.4

cpe:2.3:a:ciphercoin:wp_limit_login_attempts:2.6.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4303

Products

Pricing

Contact Us