Report
The Admin and Site Enhancements (ASE) plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 7.6.9 due to insufficient IP address validation. This makes it possible for unauthenticated attackers to bypass login limit restrictions.
Score:5.3
Severity:Medium
Version:< 7.6.10
There is a patch available in v7.6.10 and we strongly recommend you update to this version as soon as possible.
