CVE-2023-4281
Description
This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-4281
CVSS Score: 5.3
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Proof Of Concept
b0marek
Repository for CVE-2023-4281 vulnerability.
Refrence: GitHub
Content on GitHub
C1ph3rX13 | watchers:5
CVE-2023-42819
CVE-2023-42819
Refrence: GitHub