Ip2location Country Blocker — known CVE vulnerabilities
Every CVE whose affected-product data names Ip2location Country Blocker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-1361 — CVSS 7.5 (high): The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including…
CVE-2021-25108 — CVSS 7.1 (high): The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the ip2location_country_blocker_save_rules AJAX…
CVE-2021-25095 — CVSS 7.1 (high): The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and CSRF checks in the ip2location_country_blocke…
CVE-2021-25096 — CVSS 6.5 (medium): The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL
CVE-2025-24731 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location…
CVE-2024-22294 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects…
CVE-2023-37865 — CVSS 5.3 (medium): Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not…
CVE-2024-32443 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location…