IP Blacklist Bypass in WP-Ban Plugin for WordPress
CVE-2014-6230

Currently unrated

Key Information:

Vendor

Wordpress
Status
WP-ban
Vendor
CVE Published:
25 October 2014

What is CVE-2014-6230?

The WP-Ban plugin prior to version 1.6.4 for WordPress has a security flaw where remote attackers can circumvent IP blacklisting by sending a specially crafted X-Forwarded-For header. This misconfiguration allows unauthorized users to access restricted areas, exposing the website to potential threats. It is critical for users of the WP-Ban plugin to update to the latest version to safeguard against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://wordpress.org/plugins/wp-ban/changelog/
x_refsource_CONFIRM
https://security.dxw.com/advisories/vulnerability-in-wp-b...
x_refsource_MISC
http://seclists.org/fulldisclosure/2014/Sep/60
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.