VYPR

Blackhole For Bad Bots

by WordPress

CVEs (1)

  • CVE-2022-1165CriApr 4, 2022
    risk 0.52cvss 9.1epss 0.02

    The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as…