Vulnerabilities > Plugin Planet > Blackhole FOR BAD Bots
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2022-1165 | Authorization Bypass Through User-Controlled Key vulnerability in Plugin-Planet Blackhole for BAD Bots The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. | 6.4 |