How severe is CVE-2022-4533?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-4533?

This is classified as CWE-348, which is a common weakness in software security.

CVE-2022-4533 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.

Related Vulnerabilities

CVE-2022-44593

MEDIUM

CVSS:5.3(Medium)

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1.

CWE-3482022

CVE-2022-4529

MEDIUM

CVSS:5.3(Medium)

The Security, Antivirus, Firewall – S.A.F plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.3.5. This is due to insufficient restrictions on where the IP Ad...

CWE-3482022

CVE-2022-4534

MEDIUM

CVSS:5.3(Medium)

The Limit Login Attempts (Spam Protection) plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.3. This is due to insufficient restrictions on where the IP Add...

CWE-3482022

CVE-2022-4536

MEDIUM

CVSS:5.3(Medium)

The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information...

CWE-3482022

CVE-2022-4539

MEDIUM

CVSS:5.3(Medium)

The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address informa...

CWE-3482022

CVE-2025-47149

MEDIUM

CVSS:5.3(Medium)

The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern file validation. If exploited, the product may treat an unauthorized pattern file as an authorized. If t...

CWE-3482025