High severity7.5NVD Advisory· Published Jan 23, 2023· Updated Jun 17, 2026
CVE-2022-4746
CVE-2022-4746
Description
The FluentAuth WordPress plugin before 1.0.2 prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass the IP-based blocks set by the plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <1.0.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/62e3babc-00c6-4a35-972f-8f03ba70ba32nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.