| |
Vulnerability CVE-2022-1601
Published: 2023-08-30
| Description: |
The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations. |
Type:
CWE-290 (Authentication Bypass by Spoofing)
References: |
https://wpscan.com/vulnerability/f6d3408c-2ceb-4a89-822b-13f5272a5fce
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|