CVE-2023-4631

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 25, 2023

Updated: Nov 7, 2023

CWE ID 234

Summary

CVE-2023-4631 is a vulnerability affecting the DoLogin Security WordPress plugin before version 3.7. This issue allows attackers to manipulate headers such as X-Forwarded-For to falsely represent their IP addresses to the plugin. As a result, IP spoofing is possible, potentially bypassing security measures and granting unauthorized access to sensitive information. WordPress users are advised to update their DoLogin Security plugin to version 3.7 or higher to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Debian

Affected Vendors

Debian
BUC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tGeFoB
https://www.cve.org/CVERecord?id=CVE-2023-4631
https://nvd.nist.gov/vuln/detail/CVE-2023-4631

Back to Vulnerability Database