[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4xegi-HRCIxfuZDOZkmDX8IbuNgvkSTxAL3YKCKEz0U":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-49774","wp-photo-album-plus-ip-spoofing","WP Photo Album Plus \u003C= 8.5.02.005 - IP Spoofing","The WP Photo Album Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 8.5.02.005. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply a header that allows their IP address to appear from a different location.","wp-photo-album-plus",null,"\u003C=8.5.02.005","8.6.01.005","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Use of Less Trusted Source","2023-12-05 00:00:00","2024-02-05 17:31:47",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F017fe804-a1a5-4f8d-a531-e928d668dbc4?source=api-prod",63]