CVE-2022-2877 Titan Anti-spam & Security plugin before 7.3.1 doesn't properly validate HTTP headers, allowing threat actors to spoof the origin IP address.

An attacker could then send spam through the WordPress site. This update fixes the issue by adding better validation.

8.1.1 - 8.1.2 - 7.3.1 - 7.0.12 - 6.9.4 - 6.9.3 - 6.9.2 - 6.9.1 - 6.8.10 - 6.8.9 - 6.8.8 - 6.8.7 - 6.8.6 - 6.8.5 - 6.8.4 - 6.8.3 - 6.8.2 - 6.8.1 - 6.8 - 6.7.7 - 6.7.6 - 6.7.5 - 6.7.4 - 6.7.3 - 6.7.2 - 6.7.1 - 6.7 - 6.6.9 - 6.6.8 - 6.6.7 - 6.6.6 - 6.6.5 - 6.6.4 - 6.6.3 - 6.6.2 - 6.6 - 6.5.5 - 6.5.4 - 6.5.3 - 6.5.2 - 6.5.1 - 6.5 - 6.4.11 - 6.4.10 - 6.4.9 - 6.4.8 - 6.4.7 - 6.4

WordPress Version and Build Number##

The WordPress version is
The WordPress build number is
The easiest way to check for a particular vulnerability is by checking the list of known vulnerabilities for the current version of WordPress. You can find this list in the "CVE" column on the info page of your WordPress installation.

Timeline

Published on: 09/16/2022 09:15:00 UTC
Last modified on: 09/20/2022 13:25:00 UTC

References

• https://wpscan.com/vulnerability/f1af4267-3a43-4b88-a8b9-c1d5b2aa9d68
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2877