verbb/knock-knock Security Advisories for 1.2.6 (2)
-
[MEDIUM] Knock Knock plugin Open redirection vulnerability
PKSA-h5g7-z8dt-svn4 CVE-2020-13486 GHSA-m69r-4h68-xq7j
Affected version: <1.2.8
Reported by:
GitHub -
[CRITICAL] Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
PKSA-m63z-24sm-jgzh CVE-2020-13485 GHSA-wxvr-qqm7-6h65
Affected version: <1.2.8
Reported by:
GitHub