CVE-2014-6230

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP-ban
Vendor: CVE Published:; 25 October 2014

Summary

WP-Ban plugin before 1.6.4 for WordPress, when running in certain configurations, allows remote attackers to bypass the IP blacklist via a crafted X-Forwarded-For header.

References

https://wordpress.org/plugins/wp-ban/changelog/

x_refsource_CONFIRM

https://security.dxw.com/advisories/vulnerability-in-wp-b...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Sep/60

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Oct 25, 2014
Vulnerability Reserved
Sep 4, 2014