Vulnerabilities > Wpcerber
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-31 | CVE-2022-4100 | Unspecified vulnerability in Wpcerber Cerber Security Antispam & Malware Scan The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. | 5.3 |
2021-08-19 | CVE-2021-37597 | Improper Authentication vulnerability in Wpcerber WP Cerber WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. | 7.5 |
2021-08-19 | CVE-2021-37598 | Incorrect Authorization vulnerability in Wpcerber WP Cerber WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character. | 5.0 |
2019-09-17 | CVE-2016-10990 | Cross-site Scripting vulnerability in Wpcerber Cerber Security Antispam & Malware Scan 2.0.1.6 The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header. | 4.3 |