The User Access Manager WordPress plugin prior to 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for malicious users to access restricted content in certain situations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alexanderschneider user access manager |