VYPR

Advanced Country Blocker

by Advanced Country Blocker

CVEs (2)

  • CVE-2024-11459MedDec 12, 2024
    risk 0.40cvss 6.1epss 0.00

    The Country Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2026-1675MedFeb 7, 2026
    risk 0.27cvss 5.3epss 0.00

    The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This…