Vulnerability CVE-2022-4550


Published: 2023-02-27

Description:
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing

Type:

CWE-639

(Authorization Bypass Through User-Controlled Key)

 References:
https://wpscan.com/vulnerability/a1179959-2044-479f-a5ca-3c9ffc46d00e

Copyright 2026, cxsecurity.com

 

Back to Top