Vulnerabilities (CVE)

Filtered by vendor Webence Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-41155	1 Webence	1 Iq Block Country	2023-08-08	N/A	9.8 CRITICAL
Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.
CVE-2022-1762	1 Webence	1 Iq Block Country	2022-06-21	5.0 MEDIUM	7.5 HIGH
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in order to validate the origin IP address, allowing threat actors to bypass it's block feature by spoofing the headers.
CVE-2021-36873	1 Webence	1 Iq Block Country	2021-09-29	3.5 LOW	5.4 MEDIUM
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.