CVE-2024-0789 – The WP Maintenance plugin for WordPress is vulnera

CVE ID : CVE-2024-0789

Published : June 19, 2024, 8:15 a.m. | 1 hour, 4 minutes ago

Description : The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 6.1.9.2 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to bypass maintenance mode.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-0789

Published : June 19, 2024, 8:15 a.m. | 1 hour, 4 minutes ago

Description : The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 6.1.9.2 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to bypass maintenance mode.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…