CWE-348 (使用不可信的源) — Vulnerability Class 42

42 vulnerabilities classified as CWE-348 (使用不可信的源). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-4532	LOGIN AND REGISTRATION ATTEMPTS LIMIT<= 2.1 - IP Address Spoofing to Protection Mechanism Bypass — LOGIN AND REGISTRATION ATTEMPTS LIMIT	6.5	Medium	2024-08-17
CVE-2024-6171	Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass — Unlimited Elements For Elementor	5.3	Medium	2024-07-09
CVE-2022-44593	WordPress Solid Security plugin <= 9.3.1 - IP Spoofing Leading to Denial of Service vulnerability — Solid Security	3.7	Low	2024-06-21
CVE-2024-0789	WP Maintenance <= 6.1.9.2 - IP Spoofing to Maintenance Mode Bypass — WP Maintenance	5.3	Medium	2024-06-19
CVE-2024-23105	Fortinet FortiPortal 安全漏洞 — FortiPortal	7.1	High	2024-05-14
CVE-2024-27773	Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-348: Use of Less Trusted Source — Unistream Unilogic	8.8	High	2024-03-18
CVE-2023-2897	Brizy Page Builder <= 2.4.18 - IP Address Spoofing to Protection Mechanism Bypass — Brizy – Page Builder	3.7	Low	2023-06-09
CVE-2022-4537	Hide My WP Ghost – Security Plugin <= 5.0.18 - IP Address Spoofing to Protection Mechanism Bypass — WP Ghost (Hide My WP Ghost) – Security & Firewall	6.5	Medium	2023-05-09
CVE-2022-2255	mod_wsgi 数据伪造问题漏洞 — mod_wsgi	7.5	-	2022-08-25
CVE-2022-31813	mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism — Apache HTTP Server	9.8	-	2022-06-08
CVE-2021-21373	Nimble falls back to insecure http url when fetching packages — security	7.5	High	2021-03-26
CVE-2021-21374	Nimble fails to validate certificates due to insecure httpClient defaults — security	8.1	High	2021-03-26

Vulnerabilities classified as CWE-348 (使用不可信的源) represent 42 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.