CVE Vulnerabilities

CVE-2024-0868

Published: Apr 17, 2024 | Modified: Jun 17, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The coreActivity: Activity Logging plugin for WordPress plugin before 2.1 retrieved IP addresses of requests via headers such X-FORWARDED to log them, allowing users to spoof them by providing an arbitrary value

Affected Software

Name Vendor Start Version End Version
Coreactivity Dev4press * 2.1 (excluding)

References