Home
Knowledge Base
Newsflash
Business and Enterprise Solutions
CMS
WordPress: Login Limit Bypass Vulnerability in Admin and Site Enhancements (ASE) Plugin

WordPress: Login Limit Bypass Vulnerability in Admin and Site Enhancements (ASE) Plugin

by the Hossted team

04.03.2025

In the Admin and Site Enhancements (ASE) plugin for WordPress versions before 7.6.10 a medium severity vulnerability CVE-2024-13685 was detected. This vulnerability allows attackers to manipulate client IP addresses via untrusted headers, potentially bypassing the login limit feature. To address this issue, users should upgrade Admin and Site Enhancements (ASE) plugin to version 7.6.10 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-13685.