mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 17:50:34 +00:00
892 B
892 B
CVE-2024-0868
Description
The coreActivity: Activity Logging plugin for WordPress plugin before 2.1 retrieved IP addresses of requests via headers such X-FORWARDED to log them, allowing users to spoof them by providing an arbitrary value
POC
Reference
- https://wpscan.com/vulnerability/bb7c2d2b-cdfe-433b-96cf-714e71d12b22/
- https://wpscan.com/vulnerability/bb7c2d2b-cdfe-433b-96cf-714e71d12b22/
Github
No PoCs found on GitHub currently.