CVE-2020-35539

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

07 Nov 2023, 03:21

Type Values Removed Values Added
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

07 Dec 2022, 18:15

Type Values Removed Values Added
CPE cpe:2.3:a:wordpress:wordpress:5.1:*:*:*:*:*:*:*
CWE CWE-20
References
  • {'url': 'https://seclists.org/fulldisclosure/2021/Mar/24', 'name': 'https://seclists.org/fulldisclosure/2021/Mar/24', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MISC'}
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : unknown
Summary A flaw was found in Wordpress 5.1. "X-Forwarded-For" is a HTTP header used to carry the client's original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X-Forwarded-For header instead of original IP, various issues may be faced. If the data originating from these fields is trusted by the application developers and processed, any authorization checks originating IP address logging could be manipulated. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

19 Oct 2022, 14:54

Type Values Removed Values Added
First Time Wordpress wordpress
Wordpress
CPE cpe:2.3:a:wordpress:wordpress:5.1:*:*:*:*:*:*:*
References (MISC) https://seclists.org/fulldisclosure/2021/Mar/24 - (MISC) https://seclists.org/fulldisclosure/2021/Mar/24 - Mailing List, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

17 Oct 2022, 17:56

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-17 16:15

Updated : 2023-12-10 14:35


NVD link : CVE-2020-35539

Mitre link : CVE-2020-35539

CVE.ORG link : CVE-2020-35539


JSON object : View

Products Affected

No product.

CWE

No CWE.