Security Advisory

CVE-2024-0868

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-17 05:00:02

Last updated 2024-08-09 20:03:49

Assigner WPScan

State PUBLISHED

Description

The coreActivity: Activity Logging plugin for WordPress plugin before 2.1 retrieved IP addresses of requests via headers such X-FORWARDED to log them, allowing users to spoof them by providing an arbitrary value

← Browse all CVEs View on cve.org ↗