The Restricted Site Access WordPress plugin prior to 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
10up restricted site access |