Get Started
  • Home
  • CMS
  • WordPress: Information Exposure Vulnerability in IP2Location Country Blocker Plugin

WordPress: Information Exposure Vulnerability in IP2Location Country Blocker Plugin

by the Hossted team
24.02.2025

In IP2Location Country Blocker plugin for WordPress versions 2.38.8 and prior a medium severity vulnerability CVE-2025-1361 was detected. This vulnerability allows unauthenticated attackers to access and view the plugin’s settings due to missing capability checks on the admin_init() function. To address this issue, users should upgrade IP2Location Country Blocker plugin to version 2.38.9. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-1361.

Related articles
OSSpedia
OSSpedia 19 Feb 2025 WordPress: Insecure Direct Object Reference in Education Addon for Elementor Plugin Business and Enterprise Solutions CMS WOR
OSSpedia 19 Feb 2025 WordPress: Cross-Site Request Forgery Vulnerability in DeBounce Email Validator Plugin Business and Enterprise Solutions CMS WOR
OSSpedia 19 Feb 2025 WordPress: Unauthorized Access Vulnerability in Raptive Ads Plugin Business and Enterprise Solutions CMS WOR
OSSpedia 11 Mar 2025 WordPress: Stored XSS Vulnerability in Countdown Timer Plugin Business and Enterprise Solutions CMS WOR