Vulnerabilities > Wpcerber

DATE CVE VULNERABILITY TITLE RISK
2024-08-31 CVE-2022-4100 Unspecified vulnerability in Wpcerber Cerber Security Antispam & Malware Scan
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address.
network
low complexity
wpcerber
5.3
2021-08-19 CVE-2021-37597 Improper Authentication vulnerability in Wpcerber WP Cerber
WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation.
network
low complexity
wpcerber CWE-287
critical
9.8
2021-08-19 CVE-2021-37598 Incorrect Authorization vulnerability in Wpcerber WP Cerber
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
network
low complexity
wpcerber CWE-863
5.3
2019-09-17 CVE-2016-10990 Cross-site Scripting vulnerability in Wpcerber Cerber Security Antispam & Malware Scan 2.0.1.6
The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header.
network
low complexity
wpcerber CWE-79
6.1