CVE-2022-4550 Information

Description

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request which could lead to IP spoofing

Reference

https://wpscan.com/vulnerability/a1179959-2044-479f-a5ca-3c9ffc46d00e