2025-03-01 06:39:28
Wordfence
PUBLISHED
The IP2Location Redirection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_ip2location_redirection_backup AJAX action in all versions up to, and including, 1.33.3. This makes it possible for unauthenticated attackers to download the plugins settings.