CVE-2022-1613

CVE-2022-1613: Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing

Vendor Unknown
Product Restricted Site Access
Weakness CWE-639 · IDOR
Published September 26, 2022
Last update May 21, 2025

CVSS base score

What the vulnerability does

01Description

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.

Key dates

02Disclosure timeline

September 26, 2022 CVE published
May 21, 2025 Record updated

Related vulnerabilities

04Related CVE