cvelist/2022/2xxx/CVE-2022-2877.json

{
  "CVE_data_meta": {
    "ID": "CVE-2022-2877",
    "ASSIGNER": "contact@wpscan.com",
    "STATE": "PUBLIC",
    "TITLE": "Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing"
  },
  "data_format": "MITRE",
  "data_type": "CVE",
  "data_version": "4.0",
  "generator": "WPScan CVE Generator",
  "affects": {
    "vendor": {
      "vendor_data": [
        {
          "vendor_name": "Unknown",
          "product": {
            "product_data": [
              {
                "product_name": "Titan Anti-spam & Security",
                "version": {
                  "version_data": [
                    {
                      "version_affected": "<",
                      "version_name": "7.3.1",
                      "version_value": "7.3.1"
                    }
                  ]
                }
              }
            ]
          }
        }
      ]
    }
  },
  "description": {
    "description_data": [
      {
        "lang": "eng",
        "value": "The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers."
      }
    ]
  },
  "references": {
    "reference_data": [
      {
        "refsource": "MISC",
        "url": "https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68",
        "name": "https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68"
      }
    ]
  },
  "problemtype": {
    "problemtype_data": [
      {
        "description": [
          {
            "value": "CWE-639 Authorization Bypass Through User-Controlled Key",
            "lang": "eng"
          }
        ]
      }
    ]
  },
  "credit": [
    {
      "lang": "eng",
      "value": "Daniel Ruf"
    }
  ],
  "source": {
    "discovery": "EXTERNAL"
  }
}
"-Synchronized-Data." 2022-08-17 19:00:38 +00:00			`{`
Adds CVE 2022-09-16 10:38:16 +02:00			`"CVE_data_meta": {`
			`"ID": "CVE-2022-2877",`
			`"ASSIGNER": "contact@wpscan.com",`
			`"STATE": "PUBLIC",`
			`"TITLE": "Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing"`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"generator": "WPScan CVE Generator",`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Unknown",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Titan Anti-spam & Security",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "<",`
			`"version_name": "7.3.1",`
			`"version_value": "7.3.1"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers."`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"refsource": "MISC",`
			`"url": "https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68",`
			`"name": "https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68"`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"value": "CWE-639 Authorization Bypass Through User-Controlled Key",`
			`"lang": "eng"`
			`}`
"-Synchronized-Data." 2022-08-17 19:00:38 +00:00			`]`
Adds CVE 2022-09-16 10:38:16 +02:00			`}`
			`]`
			`},`
			`"credit": [`
			`{`
			`"lang": "eng",`
			`"value": "Daniel Ruf"`
"-Synchronized-Data." 2022-08-17 19:00:38 +00:00			`}`
Adds CVE 2022-09-16 10:38:16 +02:00			`],`
			`"source": {`
			`"discovery": "EXTERNAL"`
			`}`
			`}`