{"containers":{"cna":{"affected":[{"product":"Titan Anti-spam & Security","vendor":"Unknown","versions":[{"lessThan":"7.3.1","status":"affected","version":"7.3.1","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Daniel Ruf"}],"descriptions":[{"lang":"en","value":"The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-639","description":"CWE-639 Authorization Bypass Through User-Controlled Key","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-09-16T08:40:37.000Z","orgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","shortName":"WPScan"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68"}],"source":{"discovery":"EXTERNAL"},"title":"Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing","x_generator":"WPScan CVE Generator","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"contact@wpscan.com","ID":"CVE-2022-2877","STATE":"PUBLIC","TITLE":"Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Titan Anti-spam & Security","version":{"version_data":[{"version_affected":"<","version_name":"7.3.1","version_value":"7.3.1"}]}}]},"vendor_name":"Unknown"}]}},"credit":[{"lang":"eng","value":"Daniel Ruf"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers."}]},"generator":"WPScan CVE Generator","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-639 Authorization Bypass Through User-Controlled Key"}]}]},"references":{"reference_data":[{"name":"https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68","refsource":"MISC","url":"https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68"}]},"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T00:52:59.794Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68"}]}]},"cveMetadata":{"assignerOrgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","assignerShortName":"WPScan","cveId":"CVE-2022-2877","datePublished":"2022-09-16T08:40:37.000Z","dateReserved":"2022-08-17T00:00:00.000Z","dateUpdated":"2024-08-03T00:52:59.794Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}